The following Fedora 23 Security updates need testing: Age URL 234 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 192 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 115 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 115 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 80 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7 optipng-0.7.6-1.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7c48036d73 community-mysql-5.6.30-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2aae0dbc5 botan-1.10.13-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-78ad11154f ocaml-4.02.2-5.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2e2b178ea jackson-dataformat-xml-2.5.0-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6f479decc6 owncloud-8.2.4-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff070e8faa imlib2-1.4.9-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-609627f8f5 ioprocess-0.15.1-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-286bacdbfb moodle-2.9.6-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9d560e23a pgpdump-0.31-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-879977eea0 cacti-0.8.8h-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5c4242b81 openvpn-2.3.11-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2b1f07256 qemu-2.4.1-9.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e1234b65a2 mingw-openssl-1.0.2h-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940 squid-3.5.10-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf91320535 wordpress-4.5.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36247d441 php-symfony-2.7.13-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0e67c88b5 glibc-2.22-16.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b989bd135 kernel-4.5.3-200.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-88778482ea lorax-23.21-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0a2ca2016e xulrunner-44.0-6.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-afa56613ca lxsession-0.5.2-9.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-035c5cc546 taglib-1.11-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b23268e0fc xdg-utils-1.1.1-4.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff070e8faa imlib2-1.4.9-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-69054084ad kde-baseapps-16.04.1-1.fc23 kde-runtime-16.04.1-1.fc23 kdelibs-4.14.20-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b785febb27 kf5-knotifications-5.21.0-3.fc23 kf5-knotifyconfig-5.21.0-2.fc23 phonon-4.9.0-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b989bd135 kernel-4.5.3-200.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0e67c88b5 glibc-2.22-16.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04b6927459 python-multilib-1.1-4.fc23 koji-1.10.1-8.fc23 The following builds have been pushed to Fedora 23 updates-testing corebird-1.2.1-1.fc23 cross-binutils-2.26-8.fc23 glibc-2.22-16.fc23 homebank-5.0.7-1.fc23 ibus-typing-booster-1.4.4-1.fc23 kernel-4.5.3-200.fc23 koji-1.10.1-8.fc23 lbd-0.4-1.fc23 libreoffice-5.0.6.2-4.fc23 logwatch-7.4.1-7.20150731svn293.fc23 man-pages-4.00-8.fc23 mingw-filesystem-101-1.fc23 mingw-gtk3-3.18.9-1.fc23 mingw-harfbuzz-1.2.7-1.fc23 mingw-openssl-1.0.2h-1.fc23 mingw-qt5-qt3d-5.6.0-2.fc23 mingw-qt5-qtactiveqt-5.6.0-1.fc23 mingw-qt5-qtbase-5.6.0-3.fc23 mingw-qt5-qtdeclarative-5.6.0-1.fc23 mingw-qt5-qtgraphicaleffects-5.6.0-1.fc23 mingw-qt5-qtimageformats-5.6.0-1.fc23 mingw-qt5-qtlocation-5.6.0-1.fc23 mingw-qt5-qtmultimedia-5.6.0-1.fc23 mingw-qt5-qtquick1-5.5.1-3.fc23 mingw-qt5-qtscript-5.6.0-1.fc23 mingw-qt5-qtsensors-5.6.0-1.fc23 mingw-qt5-qtsvg-5.6.0-1.fc23 mingw-qt5-qttools-5.6.0-2.fc23 mingw-qt5-qttranslations-5.6.0-1.fc23 mingw-qt5-qtwebsockets-5.6.0-1.fc23 mingw-qt5-qtwinextras-5.6.0-1.fc23 mingw-qt5-qtxmlpatterns-5.6.0-1.fc23 nagios-plugins-lcgdm-0.9.6-1.fc23 netmonitor-0.5-18.fc23 openvpn-2.3.11-1.fc23 osbs-client-0.23-1.fc23 pam_yubico-2.21-3.fc23 perl-Config-Perl-V-0.26-1.fc23 perl-Crypt-RandPasswd-0.06-2.fc23 perl-Email-Template-0.02-2.fc23 perl-ExtUtils-MakeMaker-7.04-348.fc23 perl-IPC-Cmd-0.94-3.fc23 php-phpdocumentor-reflection-1.0.7-1.fc23 php-symfony-2.7.13-1.fc23 python-multilib-1.1-4.fc23 python-nitrate-1.3-2.fc23 qemu-2.4.1-9.fc23 qt-creator-4.0.0-1.fc23 squid-3.5.10-4.fc23 tomoe-gtk-0.6.0-24.fc23 uriparser-0.8.4-3.fc23 werken-xpath-0.9.4-15.beta.12.7.fc23 wordpress-4.5.2-1.fc23 ykclient-2.15-1.fc23 Details about builds: ================================================================================ corebird-1.2.1-1.fc23 (FEDORA-2016-7611b38011) Native GTK Twitter client -------------------------------------------------------------------------------- Update Information: Corebird 1.2.1 release. - Fix a11y labelling of several switches in the settings dialog - Fix an input window clipping bug in the tweet info page - Fix a few cases of overlapping widgets into window borders - Remove the "Save as" context menu from inline media. This ha not been working in a while but the context menu was still there. - Rename the .sidebar style class to .topbar. This was used in corebird before gtk+ used it, but now that the sidebar is at the top, the .sidebar style from gtk+ themes collides with the horizontal alignment we use, so use the more fitting '.topbar'. - Show a focus outline in the topbar again. We are setting a custom background color here, so we also need to set a fitting outline color. - Fix a coloring but in the topbar, where wildcard selectors in themes would overrde our foreground color. -------------------------------------------------------------------------------- ================================================================================ cross-binutils-2.26-8.fc23 (FEDORA-2016-c071ab54c4) A GNU collection of cross-compilation binary utilities -------------------------------------------------------------------------------- Update Information: Sync with binutils-2.26-21. This includes a fix for building the arm target on some arches (including ppc64/pcc64le and s390(x)) (bug #1333695). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333695 - gcc build inconsistency - FTBFS in gas/config/tc-arm.c https://bugzilla.redhat.com/show_bug.cgi?id=1333695 -------------------------------------------------------------------------------- ================================================================================ glibc-2.22-16.fc23 (FEDORA-2016-b0e67c88b5) The GNU libc libraries -------------------------------------------------------------------------------- Update Information: This update addresses a minor security bug (CVE-2016-3706) and works around a bug in Address Sanitizer (ASAN) which would cause ASAN-enabled binaries to fail after the update to glibc-2.22-16.fc23 (Fedora#1335011). Locale updates are included as well. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282011 - first_weekday wrong for hr_HR locale https://bugzilla.redhat.com/show_bug.cgi?id=1282011 [ 2 ] Bug #1204521 - fr_CH LC_TIME has wrong first day of week https://bugzilla.redhat.com/show_bug.cgi?id=1204521 [ 3 ] Bug #1330888 - CVE-2016-3706 glibc: stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1330888 [ 4 ] Bug #1335011 - dlsym (RTLD_NEXT)/dlerror fix breaks Adress Sanitizer (ASAN) https://bugzilla.redhat.com/show_bug.cgi?id=1335011 -------------------------------------------------------------------------------- ================================================================================ homebank-5.0.7-1.fc23 (FEDORA-2016-2c5f7a4fba) Free easy personal accounting for all -------------------------------------------------------------------------------- Update Information: Rebuilt for new upstream version 5.0.7, fixes rhbz #1312448 #1334339 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312448 - [abrt] homebank: gtk_widget_get_ancestor(): homebank killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1312448 [ 2 ] Bug #1334339 - homebank-5.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334339 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.4.4-1.fc23 (FEDORA-2016-2711130eb4) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: update to 1.4.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334579 - [abrt] ibus-typing-booster: hunspell_table.py:243:update_transliterated_strings:KeyError: 't-latn-post' https://bugzilla.redhat.com/show_bug.cgi?id=1334579 -------------------------------------------------------------------------------- ================================================================================ kernel-4.5.3-200.fc23 (FEDORA-2016-0b989bd135) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.5.3 stable rebase contains enhanced hardware support, additional features, and a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334303 - CVE-2016-4558 kernel: bpf: refcnt overflow https://bugzilla.redhat.com/show_bug.cgi?id=1334303 [ 2 ] Bug #1334307 - CVE-2016-4557 kernel: Use after free vulnerability via double fdput https://bugzilla.redhat.com/show_bug.cgi?id=1334307 [ 3 ] Bug #1333712 - CVE-2016-4581 kernel: Slave being first propagated copy causes oops in propagate_mnt https://bugzilla.redhat.com/show_bug.cgi?id=1333712 [ 4 ] Bug #1333309 - CVE-2016-4485 kernel: Information leak in llc module https://bugzilla.redhat.com/show_bug.cgi?id=1333309 [ 5 ] Bug #1333316 - CVE-2016-4486 kernel: Information leak in rtnetlink https://bugzilla.redhat.com/show_bug.cgi?id=1333316 -------------------------------------------------------------------------------- ================================================================================ koji-1.10.1-8.fc23 (FEDORA-2016-04b6927459) Build system tools -------------------------------------------------------------------------------- Update Information: add support for signed repos, livemedia fixes and install the builder runroot plugin. -------------------------------------------------------------------------------- ================================================================================ lbd-0.4-1.fc23 (FEDORA-2016-1185902a19) A DNS/HTTP load balancing detector -------------------------------------------------------------------------------- Update Information: Update to latest upstream release 0.4 -------------------------------------------------------------------------------- ================================================================================ libreoffice-5.0.6.2-4.fc23 (FEDORA-2016-94375a42e4) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Resolves: tdf#99417 explicitly track formula cells for BROADCAST_BROADCASTERS -------------------------------------------------------------------------------- ================================================================================ logwatch-7.4.1-7.20150731svn293.fc23 (FEDORA-2016-db467d2ba1) A log file analysis program -------------------------------------------------------------------------------- Update Information: Fix misaligned output in postfix (#1326808) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326808 - postfix: columns broken https://bugzilla.redhat.com/show_bug.cgi?id=1326808 -------------------------------------------------------------------------------- ================================================================================ man-pages-4.00-8.fc23 (FEDORA-2016-ad62ffeb76) Linux kernel and C library user-space interface documentation -------------------------------------------------------------------------------- Update Information: popen.3: RETURN VALUE: describe successful case -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331312 - pclose(3) should document 'normal' return values https://bugzilla.redhat.com/show_bug.cgi?id=1331312 -------------------------------------------------------------------------------- ================================================================================ mingw-filesystem-101-1.fc23 (FEDORA-2016-8bc41add65) MinGW cross compiler base filesystem and environment -------------------------------------------------------------------------------- Update Information: * Update config.{guess,sub} in %%mingw_configure (#1288256) * Regenerated list of default win32 DLL's -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288256 - %mingw_configure should update config.{guess,sub} https://bugzilla.redhat.com/show_bug.cgi?id=1288256 -------------------------------------------------------------------------------- ================================================================================ mingw-gtk3-3.18.9-1.fc23 (FEDORA-2016-aafc692306) MinGW Windows GTK+ library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled gtk+ 3.18.9 release. -------------------------------------------------------------------------------- ================================================================================ mingw-harfbuzz-1.2.7-1.fc23 (FEDORA-2016-ed29448278) MinGW Windows Harfbuzz library -------------------------------------------------------------------------------- Update Information: Update to 1.2.7 which is needed by Qt 5.6.0 -------------------------------------------------------------------------------- ================================================================================ mingw-openssl-1.0.2h-1.fc23 (FEDORA-2016-e1234b65a2) MinGW port of the OpenSSL toolkit -------------------------------------------------------------------------------- Update Information: Update to latest openssl which fixes various CVE's -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302768 - CVE-2015-3197 mingw-openssl: OpenSSL: SSLv2 doesn't block disabled ciphers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1302768 [ 2 ] Bug #1307773 - mingw-openssl: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307773 [ 3 ] Bug #1312857 - CVE-2016-0799 mingw-openssl: OpenSSL: Fix memory issues in BIO_*printf functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1312857 [ 4 ] Bug #1312861 - CVE-2016-0705 mingw-openssl: OpenSSL: Double-free in DSA code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1312861 [ 5 ] Bug #1330104 - CVE-2016-2109 mingw-openssl: openssl: ASN.1 BIO handling of large amounts of data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1330104 [ 6 ] Bug #1332589 - CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 mingw-openssl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1332589 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qt3d-5.6.0-2.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - Qt3d component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtactiveqt-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtActiveQt component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtbase-5.6.0-3.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtBase component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtdeclarative-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtDeclarative component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtgraphicaleffects-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtGraphicalEffects component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtimageformats-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtImageFormats component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtlocation-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtLocation component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtmultimedia-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtMultimedia component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtquick1-5.5.1-3.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtQuick1 component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtscript-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtScript component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtsensors-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtSensors component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtsvg-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtSvg component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qttools-5.6.0-2.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtTools component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qttranslations-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtTranslations component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtwebsockets-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtWebsockets component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtwinextras-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtWinExtras component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtxmlpatterns-5.6.0-1.fc23 (FEDORA-2016-099ae5ca41) Qt5 for Windows - QtXmlPatterns component -------------------------------------------------------------------------------- Update Information: Update to Qt 5.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288928 - epel7 mingw-qt5-qtsystems fails to rebuild https://bugzilla.redhat.com/show_bug.cgi?id=1288928 [ 2 ] Bug #1301577 - mingw-qt5 lupdate: Missing dependency on libQt5QmlDevTools.so.5 https://bugzilla.redhat.com/show_bug.cgi?id=1301577 -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-lcgdm-0.9.6-1.fc23 (FEDORA-2016-cb1b2710f2) Nagios probes to be run remotely against DPM / LFC nodes -------------------------------------------------------------------------------- Update Information: - new upstream release -------------------------------------------------------------------------------- ================================================================================ netmonitor-0.5-18.fc23 (FEDORA-2016-471ddd00f2) The free linux network bandwidth monitor -------------------------------------------------------------------------------- Update Information: Cleanup spec file -------------------------------------------------------------------------------- ================================================================================ openvpn-2.3.11-1.fc23 (FEDORA-2016-f5c4242b81) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: Latest upstream. https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334729 - openvpn-2.3.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334729 -------------------------------------------------------------------------------- ================================================================================ osbs-client-0.23-1.fc23 (FEDORA-2016-28f0867950) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335127 - osbs-client-0.23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1335127 -------------------------------------------------------------------------------- ================================================================================ pam_yubico-2.21-3.fc23 (FEDORA-2016-6faedf8dbc) A Pluggable Authentication Module for yubikeys -------------------------------------------------------------------------------- Update Information: Update yubikey packages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1265220 - pam_yubico-2.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1265220 [ 2 ] Bug #1312659 - pam_yubico upgrade also requires ykclient upgrade to 2.15 https://bugzilla.redhat.com/show_bug.cgi?id=1312659 -------------------------------------------------------------------------------- ================================================================================ perl-Config-Perl-V-0.26-1.fc23 (FEDORA-2016-66151014ba) Structured data retrieval of perl -V output -------------------------------------------------------------------------------- Update Information: This release fixes parsing compiler and linker flags. It also adds support for perl 5.24 configure options. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334966 - perl-Config-Perl-V-0.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334966 -------------------------------------------------------------------------------- ================================================================================ perl-Crypt-RandPasswd-0.06-2.fc23 (FEDORA-2016-b856b7517c) Random password generator based on FIPS-181 -------------------------------------------------------------------------------- Update Information: This updates contains the perl module Crypt::RandPasswd, which generates random passwords based on FIPS-181. -------------------------------------------------------------------------------- ================================================================================ perl-Email-Template-0.02-2.fc23 (FEDORA-2016-9c23883d92) Send "multipart/alternative" (text & html) e-mail from a Template -------------------------------------------------------------------------------- Update Information: This update contains the perl module Email::Template, allowing somebody to create multipart e-mails from a template. -------------------------------------------------------------------------------- ================================================================================ perl-ExtUtils-MakeMaker-7.04-348.fc23 (FEDORA-2016-d075ee19e8) Create a module Makefile -------------------------------------------------------------------------------- Update Information: This update removes dependency between perl-IPC-Run and perl-ExtUtils-MakeMaker so that installing perl-IPC-Run does not install perl-devel. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129443 - repeatly deps to perl-devel https://bugzilla.redhat.com/show_bug.cgi?id=1129443 -------------------------------------------------------------------------------- ================================================================================ perl-IPC-Cmd-0.94-3.fc23 (FEDORA-2016-d075ee19e8) Finding and running system commands made easy -------------------------------------------------------------------------------- Update Information: This update removes dependency between perl-IPC-Run and perl-ExtUtils-MakeMaker so that installing perl-IPC-Run does not install perl-devel. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1129443 - repeatly deps to perl-devel https://bugzilla.redhat.com/show_bug.cgi?id=1129443 -------------------------------------------------------------------------------- ================================================================================ php-phpdocumentor-reflection-1.0.7-1.fc23 (FEDORA-2016-809705d469) Reflection library to do Static Analysis for PHP Projects -------------------------------------------------------------------------------- Update Information: Using this library it is possible to statically reflect one or more files and create an object graph representing your application's structure, including accompanying in-source documentation using DocBlocks. The information that this library provides is similar to what the (built-in) Reflection extension of PHP provides; there are however several advantages to using this library: * Due to its Static nature it does not execute procedural code in your reflected files where Dynamic Reflection does. * Because the none of the code is interpreted by PHP (and executed) Static Reflection uses less memory. * Can reflect complete files * Can reflect a whole project by reflecting multiple files. * Reflects the contents of a DocBlock instead of just mentioning there is one. * Is capable of analyzing code written for any PHP version (starting at 5.2) up to and including your installed PHP version. Features: * [Creates an object graph] containing the structure of your application much like a site map shows the structure of a website. * Can read and interpret code of any PHP version starting with 5.2 up to and including your currently installed version of PHP. * Due it's clean interface it can be in any application without a complex setup. Autoloader: /usr/share/php/phpDocumentor/Reflection/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1327424 - Review Request: php-phpdocumentor-reflection - Reflection library to do Static Analysis for PHP Projects https://bugzilla.redhat.com/show_bug.cgi?id=1327424 -------------------------------------------------------------------------------- ================================================================================ php-symfony-2.7.13-1.fc23 (FEDORA-2016-f36247d441) PHP framework for web projects -------------------------------------------------------------------------------- Update Information: **Version 2.7.13** (2016-05-09) * **security** #18733 limited the maximum length of a submitted username (fabpot) * bug #18730 [FrameworkBundle] prevent calling get() for service_container service (xabbuh) * bug #18709 [DependencyInjection] top-level anonymous services must be public (xabbuh) * bug #18692 add Event annotation for KernelEvents (Haehnchen) * bug #18246 [DependencyInjection] fix ambiguous services schema (backbone87) -------------------------------------------------------------------------------- ================================================================================ python-multilib-1.1-4.fc23 (FEDORA-2016-04b6927459) A module for determining if a package is multilib or not -------------------------------------------------------------------------------- Update Information: add support for signed repos, livemedia fixes and install the builder runroot plugin. -------------------------------------------------------------------------------- ================================================================================ python-nitrate-1.3-2.fc23 (FEDORA-2016-06dc9184f1) Python API for the Nitrate test case management system -------------------------------------------------------------------------------- Update Information: Removed obsolete project page links -------------------------------------------------------------------------------- ================================================================================ qemu-2.4.1-9.fc23 (FEDORA-2016-f2b1f07256) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * CVE-2016-3710: incorrect bounds checking in vga (bz #1334345) * CVE-2016-3712: out of bounds read in vga (bz #1334342) * Fix USB redirection (bz #1330221) * CVE-2016-4037: infinite loop in usb ehci (bz #1328080) * CVE-2016-4001: buffer overflow in stellaris net (bz #1325885) * CVE-2016-2858: rng stack corruption (bz #1314677) * CVE-2016-2391: ohci: crash via multiple timers (bz #1308881) * CVE-2016-2198: ehci: null pointer dereference (bz #1303134) * Fix tpm passthrough (bz #1281413) * Fix ./configure with ccache * Ship sysctl file to fix s390x kvm (bz #1290589) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331401 - CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module https://bugzilla.redhat.com/show_bug.cgi?id=1331401 [ 2 ] Bug #1318712 - CVE-2016-3712 qemu-kvm: Out-of-bounds read when creating weird vga screen surface https://bugzilla.redhat.com/show_bug.cgi?id=1318712 [ 3 ] Bug #1325129 - CVE-2016-4037 Qemu: usb: Infinite loop vulnerability in usb_ehci using siTD process https://bugzilla.redhat.com/show_bug.cgi?id=1325129 [ 4 ] Bug #1325884 - CVE-2016-4001 Qemu: net: buffer overflow in stellaris_enet emulator https://bugzilla.redhat.com/show_bug.cgi?id=1325884 [ 5 ] Bug #1314676 - CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption https://bugzilla.redhat.com/show_bug.cgi?id=1314676 [ 6 ] Bug #1304794 - CVE-2016-2391 Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1304794 [ 7 ] Bug #1301643 - CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write https://bugzilla.redhat.com/show_bug.cgi?id=1301643 -------------------------------------------------------------------------------- ================================================================================ qt-creator-4.0.0-1.fc23 (FEDORA-2016-66bd54e860) Cross-platform IDE for Qt -------------------------------------------------------------------------------- Update Information: Update to version 4.0.0, see https://blog.qt.io/blog/2016/05/11/qt- creator-4-0-0-released/ for details. -------------------------------------------------------------------------------- ================================================================================ squid-3.5.10-4.fc23 (FEDORA-2016-b3b9407940) The Squid proxy caching server -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 ---- Security fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334246 - CVE-2016-4555 squid: SegFault from ESIInclude::Start https://bugzilla.redhat.com/show_bug.cgi?id=1334246 [ 2 ] Bug #1334241 - CVE-2016-4554 squid: Header Smuggling issue in HTTP Request processing https://bugzilla.redhat.com/show_bug.cgi?id=1334241 [ 3 ] Bug #1334233 - CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling https://bugzilla.redhat.com/show_bug.cgi?id=1334233 [ 4 ] Bug #1329136 - CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple issues in ESI processing https://bugzilla.redhat.com/show_bug.cgi?id=1329136 [ 5 ] Bug #1329126 - CVE-2016-4051 squid: buffer overflow in cachemgr.cgi https://bugzilla.redhat.com/show_bug.cgi?id=1329126 [ 6 ] Bug #1323594 - CVE-2016-3948 squid: denial of service issue in HTTP response processing https://bugzilla.redhat.com/show_bug.cgi?id=1323594 [ 7 ] Bug #1323590 - CVE-2016-3947 squid: buffer overrun in Squid proxy pinger https://bugzilla.redhat.com/show_bug.cgi?id=1323590 -------------------------------------------------------------------------------- ================================================================================ tomoe-gtk-0.6.0-24.fc23 (FEDORA-2016-cf03b87835) Gtk library for tomoe for Japanese and Chinese handwritten input -------------------------------------------------------------------------------- Update Information: - Fixed Bug 1240071 - tomoe-gtk: FTBFS in rawhide -------------------------------------------------------------------------------- References: [ 1 ] Bug #1240071 - tomoe-gtk: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1240071 -------------------------------------------------------------------------------- ================================================================================ uriparser-0.8.4-3.fc23 (FEDORA-2016-b9115e5d1a) URI parsing library - RFC 3986 -------------------------------------------------------------------------------- Update Information: This update removes an unused dependency on cpptest. -------------------------------------------------------------------------------- ================================================================================ werken-xpath-0.9.4-15.beta.12.7.fc23 (FEDORA-2016-9c0a370a0c) XPath implementation using JDOM -------------------------------------------------------------------------------- Update Information: Fixes FTBFS by adding missing build-requires on javapackages-local -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326253 - werken-xpath: FTBFS in F23/F24 https://bugzilla.redhat.com/show_bug.cgi?id=1326253 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.5.2-1.fc23 (FEDORA-2016-cf91320535) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 4.5.2** is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. See the [Release announcement](https://wordpress.org/news/2016/05/wordpress-4-5-2/) ---- Version 4.5.1 of WordPress is available and fixes 12 bugs. See [Release announcement](https://wordpress.org/news/2016/04/wordpress-4-5-1-maintenance- release/) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334205 - CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release https://bugzilla.redhat.com/show_bug.cgi?id=1334205 -------------------------------------------------------------------------------- ================================================================================ ykclient-2.15-1.fc23 (FEDORA-2016-6faedf8dbc) Yubikey management library and client -------------------------------------------------------------------------------- Update Information: Update yubikey packages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1265220 - pam_yubico-2.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1265220 [ 2 ] Bug #1312659 - pam_yubico upgrade also requires ykclient upgrade to 2.15 https://bugzilla.redhat.com/show_bug.cgi?id=1312659 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
