The following Fedora 23 Security updates need testing: Age URL 261 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 219 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 192 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 142 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 142 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 107 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7 optipng-0.7.6-1.fc23 26 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940 squid-3.5.10-4.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a878ed298 GraphicsMagick-1.3.24-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6a0d540088 docker-1.10.3-24.gitf476348.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1faf6005c kernel-4.5.6-200.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e0874533 ntp-4.2.6p5-41.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f550603a5 xen-4.5.3-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-559fb75a4c firefox-47.0-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c61cda2beb gnutls-3.4.13-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1faf6005c kernel-4.5.6-200.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-28873e4832 vim-7.4.1868-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad11727bf PackageKit-1.1.1-2.fc23 appstream-data-23-11.fc23 fwupd-0.7.1-1.fc23 gnome-software-3.20.3-1.fc23.1 json-glib-1.2.0-1.fc23 libappstream-glib-0.5.14-1.fc23 libgusb-0.2.9-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-054f2b2933 lua-5.3.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c61cda2beb gnutls-3.4.13-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-559fb75a4c firefox-47.0-4.fc23 The following builds have been pushed to Fedora 23 updates-testing aws-shell-0.1.1-1.fc23 emacs-rpm-spec-mode-0.16-1.fc23 firefox-47.0-4.fc23 gfs2-utils-3.1.9-1.fc23 glusterfs-coreutils-0.0.1-0.1.git259f269.fc23 gnutls-3.4.13-1.fc23 golang-github-mistifyio-go-zfs-0-0.2.git1b4ae6f.fc23 hawaii-system-preferences-0.6.90-2.20160418git2672153c7bf1b.fc23 libcxx-3.8.0-3.fc23 libreoffice-5.0.6.2-6.fc23 lua-5.3.3-1.fc23 mod_form-0.2-1.fc23 nodejs-rhea-0.1.5-1.fc23 owncloud-9.0.2-3.fc23 pam_yubico-2.22-2.fc23 perl-DateTime-TimeZone-1.99-1.fc23 perl-Menlo-1.9003-1.fc23 perl-Regexp-Common-2016060201-2.fc23 php-PHP-CSS-Parser-7.0.3-1.fc23 php-mcnetic-zipstreamer-1.0-1.fc23 php-phpseclib-2.0.2-1.fc23 php-sabre-dav-3.0.9-1.fc23 php-sabre-http-4.2.1-1.fc23 php-symfony-2.8.7-1.fc23 php-symfony-security-acl-2.8.0-1.fc23 python-paho-mqtt-1.2-1.fc23 python-rarfile-2.8-1.fc23 python-sockjs-tornado-1.0.3-2.fc23 qdigidoc-3.12.1-2.fc23 qt5-qtwebengine-5.6.0-8.fc23 rubygem-openscap-0.4.6-1.fc23 xonsh-0.3.3-1.fc23 xscreensaver-5.35-4.fc23 Details about builds: ================================================================================ aws-shell-0.1.1-1.fc23 (FEDORA-2016-231fda10e1) AWS Shell -------------------------------------------------------------------------------- Update Information: New package :) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295128 - Review Request: aws-shell - AWS Shell https://bugzilla.redhat.com/show_bug.cgi?id=1295128 -------------------------------------------------------------------------------- ================================================================================ emacs-rpm-spec-mode-0.16-1.fc23 (FEDORA-2016-fe6ba408ed) Major GNU Emacs mode for editing RPM spec files -------------------------------------------------------------------------------- Update Information: Update to latest upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335454 - Proper upstream URL for the package https://bugzilla.redhat.com/show_bug.cgi?id=1335454 [ 2 ] Bug #1226660 - emacs-rpm-spec-mode-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1226660 -------------------------------------------------------------------------------- ================================================================================ firefox-47.0-4.fc23 (FEDORA-2016-559fb75a4c) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - New upstream version (47.0) - Fixed Fedora bookmarks (rhbz#1338010) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338010 - fedora-bookmarks don't show up in Firefox https://bugzilla.redhat.com/show_bug.cgi?id=1338010 -------------------------------------------------------------------------------- ================================================================================ gfs2-utils-3.1.9-1.fc23 (FEDORA-2016-70bb35121c) Utilities for managing the global file system (GFS2) -------------------------------------------------------------------------------- Update Information: New upstream release 3.1.9. This release includes the following notable changes: * fsck.gfs2 now uses less memory * Improvements and fixes to fsck.gfs2's xattr and resource group checking * mkfs.gfs2 reports progress so that you can tell it's still alive during a long mkfs * mkfs.gfs2's -t option now accepts a longer cluster name and fs name * A udev helper script is now installed to suspend the device on withdraw, preventing hangs * Support for the de_rahead and de_cookie dirent fields has been added * gfs2_edit savemeta performance improvements * The glocktop utility has been added to help analyze locking- related performance problems * The mkfs.gfs2(8) man page has been overhauled * The rgrplbv and loccookie mount options have been added to the gfs2(5) man page * Fixes for out-of-tree builds and testing * Various other fixes, cleanups and enhancements -------------------------------------------------------------------------------- ================================================================================ glusterfs-coreutils-0.0.1-0.1.git259f269.fc23 (FEDORA-2016-40aea45ce0) Core Utilities for the Gluster Distributed File System -------------------------------------------------------------------------------- Update Information: These are set of coreutils designed to act on GlusterFS volumes using its native C API similar to standard Linux coreutils like cp, ls, mv etc. Anyone can easily make use of these utilities to directly access volumes without mounting the same via some protocol. Please refer Admin guide for more details: <http://gluster.re adthedocs.org/en/latest/Administrator%20Guide/GlusterFS%20Coreutils/> -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331704 - Review Request: glusterfs-coreutils - Mimics standard Linux coreutils for GlusterFS clusters https://bugzilla.redhat.com/show_bug.cgi?id=1331704 -------------------------------------------------------------------------------- ================================================================================ gnutls-3.4.13-1.fc23 (FEDORA-2016-c61cda2beb) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information: New upstream release (#1343258) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343505 - CVE-2016-4456 gnutls: Environment variable GNUTLS_KEYLOGFILE is obtained via insecure getenv() https://bugzilla.redhat.com/show_bug.cgi?id=1343505 -------------------------------------------------------------------------------- ================================================================================ golang-github-mistifyio-go-zfs-0-0.2.git1b4ae6f.fc23 (FEDORA-2016-302bf8a1b3) Go wrappers for ZFS commands -------------------------------------------------------------------------------- Update Information: Don't build on arm architectures (missing zfs-fuse) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1341333 - Do not build for arm because of broken deps https://bugzilla.redhat.com/show_bug.cgi?id=1341333 -------------------------------------------------------------------------------- ================================================================================ hawaii-system-preferences-0.6.90-2.20160418git2672153c7bf1b.fc23 (FEDORA-2016-8d2ccab690) Utilities to configure the Hawaii desktop environment -------------------------------------------------------------------------------- Update Information: Rebuilding due to KScreen version bump. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343249 - hawaii-system-preferences broken dep https://bugzilla.redhat.com/show_bug.cgi?id=1343249 -------------------------------------------------------------------------------- ================================================================================ libcxx-3.8.0-3.fc23 (FEDORA-2016-70a8dcb27f) C++ standard library targeting C++11 -------------------------------------------------------------------------------- Update Information: Initial package. This build is only for bootstrapping libcxxabi. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332307 - Review Request: libcxx - C++ standard library targeting C++11 https://bugzilla.redhat.com/show_bug.cgi?id=1332307 -------------------------------------------------------------------------------- ================================================================================ libreoffice-5.0.6.2-6.fc23 (FEDORA-2016-21818bf884) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: * Resolves: rhbz#1342549 fix findbar crash * make slide layout always show slide layout -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342549 - LibreOffice 5.0.6 crashes after pressing ESC key in search function https://bugzilla.redhat.com/show_bug.cgi?id=1342549 -------------------------------------------------------------------------------- ================================================================================ lua-5.3.3-1.fc23 (FEDORA-2016-054f2b2933) Powerful light-weight programming language -------------------------------------------------------------------------------- Update Information: Bug fix release, see: http://www.lua.org/bugs.html -------------------------------------------------------------------------------- ================================================================================ mod_form-0.2-1.fc23 (FEDORA-2016-3377e98309) Apache module that decodes data submitted from Web forms -------------------------------------------------------------------------------- Update Information: New upstream release (0.2) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342196 - mod_form package contains devel files and mod_form-devel contains binary lib https://bugzilla.redhat.com/show_bug.cgi?id=1342196 -------------------------------------------------------------------------------- ================================================================================ nodejs-rhea-0.1.5-1.fc23 (FEDORA-2016-d03d7c5211) A reactive messaging library based on the AMQP protocol -------------------------------------------------------------------------------- Update Information: Rebased to 0.1.5. Changed requirement for nodejs-debug to be above 0.8.0 (instead of 2.0.0). ---- Initial release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1341432 - nodejs-rhea-0.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1341432 [ 2 ] Bug #1343057 - nodejs-rhea-0.1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1343057 -------------------------------------------------------------------------------- ================================================================================ owncloud-9.0.2-3.fc23 (FEDORA-2016-e7f81d901f) Private file sync and share server -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ pam_yubico-2.22-2.fc23 (FEDORA-2016-e6f1e3081d) A Pluggable Authentication Module for yubikeys -------------------------------------------------------------------------------- Update Information: update 2.22-2 to offer EL6 build ---- update to 2.22 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334799 - F23/F24 - pam_yubico upgrade fails, incorrect use of REQUIRES https://bugzilla.redhat.com/show_bug.cgi?id=1334799 [ 2 ] Bug #1338786 - pam_yubico-2.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338786 [ 3 ] Bug #1336774 - Segfault locks us out of the servers https://bugzilla.redhat.com/show_bug.cgi?id=1336774 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.99-1.fc23 (FEDORA-2016-5e6fa92160) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343522 - perl-DateTime-TimeZone-1.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1343522 -------------------------------------------------------------------------------- ================================================================================ perl-Menlo-1.9003-1.fc23 (FEDORA-2016-a15b9ab03f) A CPAN client -------------------------------------------------------------------------------- Update Information: This release fixes return value when file mirror skips copying files. It also adds support for merging configure dependencies. -------------------------------------------------------------------------------- ================================================================================ perl-Regexp-Common-2016060201-2.fc23 (FEDORA-2016-2e966b45b6) Regexp::Common Perl module -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-PHP-CSS-Parser-7.0.3-1.fc23 (FEDORA-2016-3892350dab) A Parser for CSS Files -------------------------------------------------------------------------------- Update Information: **Version 7.0.3** (2016-04-27) * Fixed parsing empty CSS when multibyte is off * *No backwards-incompatible changes* * *No deprecations* -------------------------------------------------------------------------------- ================================================================================ php-mcnetic-zipstreamer-1.0-1.fc23 (FEDORA-2016-e7f81d901f) Stream zip files without i/o overhead -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-2.0.2-1.fc23 (FEDORA-2016-6448e596ef) PHP Secure Communications Library -------------------------------------------------------------------------------- Update Information: **Version 2.0.2** * All Ciphers: fix issue with CBC mode / OpenSSL / continuous buffers / decryption (#938) * Random: fix issues with serialize() (#932) * RC2: fix issue with decrypting * RC4: fix issue with key not being truncated correctly * SFTP: nlist() on a non-existant directory resulted in error * SFTP: add is_writable, is_writeable, is_readable * X509: add IPv6 support for subjectaltname extension (#936) -------------------------------------------------------------------------------- ================================================================================ php-sabre-dav-3.0.9-1.fc23 (FEDORA-2016-e7f81d901f) WebDAV Framework for PHP -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ php-sabre-http-4.2.1-1.fc23 (FEDORA-2016-e7f81d901f) Library for dealing with http requests and responses -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ php-symfony-2.8.7-1.fc23 (FEDORA-2016-e7f81d901f) PHP framework for web projects -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ php-symfony-security-acl-2.8.0-1.fc23 (FEDORA-2016-e7f81d901f) Symfony Security Component - ACL (Access Control List) -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 [ 3 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 -------------------------------------------------------------------------------- ================================================================================ python-paho-mqtt-1.2-1.fc23 (FEDORA-2016-3b462c0367) A Python MQTT version 3.1/3.1.1 client class -------------------------------------------------------------------------------- Update Information: Update to new upstream version 1.2 -------------------------------------------------------------------------------- ================================================================================ python-rarfile-2.8-1.fc23 (FEDORA-2016-b16444fca7) A RAR archive reader for Python -------------------------------------------------------------------------------- Update Information: Update to new upstream version 2.8 -------------------------------------------------------------------------------- ================================================================================ python-sockjs-tornado-1.0.3-2.fc23 (FEDORA-2016-0bae8d2fe2) SockJS python server implementation on top of Tornado framework -------------------------------------------------------------------------------- Update Information: Unretire python-sockjs-tornado, a SockJS python server implementation on top of Tornado framework -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334887 - Review Request: python-sockjs-tornado - SockJS python server implementation on top of Tornado framework https://bugzilla.redhat.com/show_bug.cgi?id=1334887 -------------------------------------------------------------------------------- ================================================================================ qdigidoc-3.12.1-2.fc23 (FEDORA-2016-df97e37646) Estonian digital signature application -------------------------------------------------------------------------------- Update Information: BZ#1342789 - Add SSL_fix.patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342789 - Certificate Juur-SK is self-signed https://bugzilla.redhat.com/show_bug.cgi?id=1342789 -------------------------------------------------------------------------------- ================================================================================ qt5-qtwebengine-5.6.0-8.fc23 (FEDORA-2016-f8582e77be) Qt5 - QtWebEngine components -------------------------------------------------------------------------------- Update Information: Workaround stackmashing runtime errors in re2-related bundled headers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1337585 - quicknanobrowser from qt5-qtwebengine-examples-5.6.0-3.fc23.x86_64 crashes with stack smashing error https://bugzilla.redhat.com/show_bug.cgi?id=1337585 -------------------------------------------------------------------------------- ================================================================================ rubygem-openscap-0.4.6-1.fc23 (FEDORA-2016-c8dd8c149d) A FFI wrapper around the OpenSCAP library -------------------------------------------------------------------------------- Update Information: upgrade to the latest upstream release -------------------------------------------------------------------------------- ================================================================================ xonsh-0.3.3-1.fc23 (FEDORA-2016-e8b0621de0) A general purpose, Python-ish shell -------------------------------------------------------------------------------- Update Information: Initial release of xonsh for Fedora. http://xon.sh -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342851 - Review Request: xonsh - A general purpose, Python-ish shell https://bugzilla.redhat.com/show_bug.cgi?id=1342851 -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.35-4.fc23 (FEDORA-2016-4575b898eb) X screen saver and locker -------------------------------------------------------------------------------- Update Information: xscreensaver failed to handle job list of forked hacks sometimes when hacks terminated. hydrostat hack may crash due to misusage of qsort. This new rpm should fix these issues. ---- m6502 hack on xscreensaver does not show animation in many cases. This new rpm will restore the previous working behavior. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
