The following Fedora 23 Security updates need testing: Age URL 268 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 225 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 198 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 149 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 148 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 113 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 68 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7 optipng-0.7.6-1.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940 squid-3.5.10-4.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a878ed298 GraphicsMagick-1.3.24-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e0874533 ntp-4.2.6p5-41.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9693e82a25 iperf3-3.1.3-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-80edb9d511 kernel-4.5.7-200.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-54dfd21f15 nfdump-1.6.15-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8952105d59 php-zendframework-zendxml-1.0.2-2.fc23 php-ZendFramework2-2.4.10-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3a529aad6 python-2.7.11-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32e5a8c3a8 python3-3.4.3-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-103752d2a9 xen-4.5.3-8.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-28873e4832 vim-7.4.1868-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad11727bf PackageKit-1.1.1-2.fc23 appstream-data-23-11.fc23 fwupd-0.7.1-1.fc23 gnome-software-3.20.3-1.fc23.1 json-glib-1.2.0-1.fc23 libappstream-glib-0.5.14-1.fc23 libgusb-0.2.9-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-80edb9d511 kernel-4.5.7-200.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3a529aad6 python-2.7.11-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6b90b7442a thunderbird-45.1.1-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03cd50e5b4 perl-5.22.2-352.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-43c60b13d4 util-linux-2.28-2.fc23 The following builds have been pushed to Fedora 23 updates-testing 389-ds-base-1.3.4.10-1.fc23 atril-1.14.1-1.fc23 caja-1.14.1-1.fc23 caja-extensions-1.14.0-1.fc23 cdbs-0.4.139-1.fc23 clamav-0.99.2-1.fc23 diffoscope-54-1.fc23 elog-3.1.1-5.fc23 engrampa-1.14.1-1.fc23 eom-1.14.1-1.fc23 guayadeque-0.4.1-0.9.beta1gitf6b11ba.fc23 libmatekbd-1.14.1-1.fc23 libmatemixer-1.14.0-1.fc23 libmateweather-1.14.0-1.fc23 marco-1.14.2-1.fc23 mate-applets-1.14.0-1.fc23 mate-backgrounds-1.14.0-1.fc23 mate-common-1.14.0-1.fc23 mate-control-center-1.14.0-1.fc23 mate-desktop-1.14.1-1.fc23 mate-icon-theme-1.14.0-1.fc23 mate-icon-theme-faenza-1.14.0-1.fc23 mate-media-1.14.0-1.fc23 mate-menus-1.14.0-1.fc23 mate-notification-daemon-1.14.0-1.fc23 mate-panel-1.14.1-1.fc23 mate-polkit-1.14.0-1.fc23 mate-power-manager-1.14.0-1.fc23 mate-screensaver-1.14.1-1.fc23 mate-sensors-applet-1.14.0-1.fc23 mate-session-manager-1.14.0-1.fc23 mate-settings-daemon-1.14.0-1.fc23 mate-system-monitor-1.14.0-1.fc23 mate-terminal-1.14.0-1.fc23 mate-themes-3.18.2-2.fc23 mate-user-guide-1.14.0-1.fc23 mate-utils-1.14.0-1.fc23 mozo-1.14.0-1.fc23 multilib-rpm-config-1-4.fc23 nodejs-is-arrayish-0.3.0-1.fc23 nodejs-rhea-0.1.6-1.fc23 pbuilder-0.225-1.fc23 perl-Regexp-Common-2016060801-1.fc23 perl-Starlet-0.30-1.fc23 pluma-1.14.0-1.fc23 psi4-1.0-0.1.rc.15fc63cgit.fc23 python-2.7.11-4.fc23 python-caja-1.14.0-1.fc23 python-regex-2016.06.05-1.fc23 python2-typing-3.5.1.0-1.fc23 python3-3.4.3-7.fc23 pyusb-1.0.0-1.fc23 qutebrowser-0.7.0-1.fc23 xen-4.5.3-8.fc23 Details about builds: ================================================================================ 389-ds-base-1.3.4.10-1.fc23 (FEDORA-2016-3195912128) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Release 1.3.4.10 -------------------------------------------------------------------------------- ================================================================================ atril-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) Document viewer -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ caja-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) File manager for MATE -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ caja-extensions-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Set of extensions for caja file manager -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ cdbs-0.4.139-1.fc23 (FEDORA-2016-bb4eb32191) Common build system for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.4.139, see http://metadata.ftp- master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.139_changelog for details. -------------------------------------------------------------------------------- ================================================================================ clamav-0.99.2-1.fc23 (FEDORA-2016-578c0a9770) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: Update to 0.99.2, see http://blog.clamav.net/2016/05/clamav-0992-has-been- released.html - Drop cliopts patch fixed upstream, use upstream's "-- foreground" option name - Fix main.cvd (fedora #1325482, epel #1325717) - Own bytecode.cld (#1176252) and mirrors.dat, ship bytecode.cvd - Update daily.cvd - Fixup Requires(pre) usage (#1319151) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333949 - clamav-0.99.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1333949 [ 2 ] Bug #1325482 - The main.cvd database in clamav-data-0.99.1-1 is corrupt https://bugzilla.redhat.com/show_bug.cgi?id=1325482 -------------------------------------------------------------------------------- ================================================================================ diffoscope-54-1.fc23 (FEDORA-2016-89d8c07dba) In-depth comparison of files, archives, and directories -------------------------------------------------------------------------------- Update Information: Update to latest version. -------------------------------------------------------------------------------- ================================================================================ elog-3.1.1-5.fc23 (FEDORA-2016-d432cbcf44) Logbook system to manage notes through a Web interface -------------------------------------------------------------------------------- Update Information: Logbook system to manage notes through a web interface -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302504 - Review Request: elog - Logbook system to manage notes through a Web interface https://bugzilla.redhat.com/show_bug.cgi?id=1302504 -------------------------------------------------------------------------------- ================================================================================ engrampa-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ eom-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) Eye of MATE image viewer -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.4.1-0.9.beta1gitf6b11ba.fc23 (FEDORA-2016-7f8a1bf6f5) Music player -------------------------------------------------------------------------------- Update Information: - Dropped Provides: bundled(wxcurl) = wxcurl_version wxcurl was replaced by libcurl library directly - Update to 0.4.1-0.9.beta1gitf6b11ba ---- * Wed Jun 08 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.8.beta1gitce1ab15 - Update to 0.4.1-0.8.beta1gitce1ab15 * Sun Jun 05 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.7.beta1git79b6383 - Documented licensing breakdown - Added Provides: bundled(wxcurl) = wxcurl_version * Sat Jun 04 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.6.beta1git79b6383 - Update to 0.4.1-0.6.beta1git79b6383 - Added wxWidgets to License tag - Added %%dir %%{_datadir}/%%{name} because it's owned by the package - modified macro for l10n subpackage * Mon May 30 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.5.beta1git26eaf8d - Update to 0.4.1-0.5.beta1git26eaf8d * Wed May 25 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.4.beta1git13013ff - Update to 0.4.1-0.4.beta1git13013ff - Split locales into a l10n subpackage * Sun May 22 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.3.beta1git35561f6 - Update to 0.4.1-0.3.beta1git35561f6 - Dropped BR subversion-devel - Removed Group tag, it's obsolete - Addes %%{name}-desktop.patch - Dropped -DCMAKE_INSTALL_PREFIX='%%{_prefix}' because it's already in %%cmake macro - Changed -DCMAKE_BUILD_TYPE='Release' to -DCMAKE_BUILD_TYPE='Debug' * Sun May 22 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.2.beta1gitd2c0281 - Update to 0.4.1-0.2.beta1gitd2c0281 - Mark license files as %%license where available - Cleanup spec file * Sat May 21 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.1.beta1git65f759c - Update to 0.4.1-0.1.beta1git65f759c -------------------------------------------------------------------------------- ================================================================================ libmatekbd-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) Libraries for mate kbd -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ libmatemixer-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Mixer library for MATE desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ libmateweather-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Libraries to allow MATE Desktop to display weather information -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ marco-1.14.2-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop window manager -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-applets-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-backgrounds-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop backgrounds -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-common-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) mate common build files -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-control-center-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop control-center -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-desktop-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) Shared code for mate-panel, mate-session, mate-file-manager, etc -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-icon-theme-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Icon theme for MATE Desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-icon-theme-faenza-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Extra set of icon themes for MATE Desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-media-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE media programs -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-menus-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Displays menus for MATE Desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-notification-daemon-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Notification daemon for MATE Desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop panel and applets -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-polkit-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Integrates polkit authentication for MATE desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-power-manager-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE power management service -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-screensaver-1.14.1-1.fc23 (FEDORA-2016-2350e26dc4) MATE Screensaver -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-sensors-applet-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE panel applet for hardware sensors -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-session-manager-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop session manager -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-settings-daemon-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop settings daemon -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-system-monitor-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Process and resource monitor -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-terminal-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Terminal emulator for MATE -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-themes-3.18.2-2.fc23 (FEDORA-2016-dcd577eca3) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: - update to 3.18.2 release -------------------------------------------------------------------------------- ================================================================================ mate-user-guide-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) User Guide for MATE desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mate-utils-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE utility programs -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ mozo-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) MATE Desktop menu editor -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ multilib-rpm-config-1-4.fc23 (FEDORA-2016-7aafb80e5c) Multilib packaging helpers -------------------------------------------------------------------------------- Update Information: packaging helpers for multilib issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1344231 - Review Request: multilib-rpm-config - packaging helpers for multilib issues https://bugzilla.redhat.com/show_bug.cgi?id=1344231 -------------------------------------------------------------------------------- ================================================================================ nodejs-is-arrayish-0.3.0-1.fc23 (FEDORA-2016-363c7a2df8) Check if an object can be used like an Array -------------------------------------------------------------------------------- Update Information: Update to 0.3.0 release -------------------------------------------------------------------------------- ================================================================================ nodejs-rhea-0.1.6-1.fc23 (FEDORA-2016-9127efdebd) A reactive messaging library based on the AMQP protocol -------------------------------------------------------------------------------- Update Information: Rebased to 0.1.6. ---- Rebased to 0.1.5. Changed requirement for nodejs-debug to be above 0.8.0 (instead of 2.0.0). ---- Initial release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343057 - nodejs-rhea-0.1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1343057 [ 2 ] Bug #1341432 - nodejs-rhea-0.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1341432 -------------------------------------------------------------------------------- ================================================================================ pbuilder-0.225-1.fc23 (FEDORA-2016-ab1b389d24) Personal package builder for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.225, see http://metadata.ftp- master.debian.org/changelogs//main/p/pbuilder/pbuilder_0.225_changelog for details. -------------------------------------------------------------------------------- ================================================================================ perl-Regexp-Common-2016060801-1.fc23 (FEDORA-2016-1db38924a0) Regexp::Common Perl module -------------------------------------------------------------------------------- Update Information: Minor upstream fixes ---- -------------------------------------------------------------------------------- ================================================================================ perl-Starlet-0.30-1.fc23 (FEDORA-2016-c09c1d9bcc) Simple, high-performance PSGI/Plack HTTP server -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- ================================================================================ pluma-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Text editor for the MATE desktop -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ psi4-1.0-0.1.rc.15fc63cgit.fc23 (FEDORA-2016-ba7995f425) An ab initio quantum chemistry package -------------------------------------------------------------------------------- Update Information: Update to the first release candidate. This update fixes e.g. bugs with CI calculations. -------------------------------------------------------------------------------- ================================================================================ python-2.7.11-4.fc23 (FEDORA-2016-d3a529aad6) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345858 - python: Heap overflow in zipimporter module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1345858 -------------------------------------------------------------------------------- ================================================================================ python-caja-1.14.0-1.fc23 (FEDORA-2016-2350e26dc4) Python bindings for Caja -------------------------------------------------------------------------------- Update Information: Update MATE desktop to 1.4.1 -------------------------------------------------------------------------------- ================================================================================ python-regex-2016.06.05-1.fc23 (FEDORA-2016-a78cace015) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information: Update to the latest stable version. -------------------------------------------------------------------------------- ================================================================================ python2-typing-3.5.1.0-1.fc23 (FEDORA-2016-3dd4c5990d) Typing defines a standard notation for type annotations -------------------------------------------------------------------------------- Update Information: Initial package creation -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342693 - Review Request: python2-typing - Typing defines a standard notation for type annotations https://bugzilla.redhat.com/show_bug.cgi?id=1342693 -------------------------------------------------------------------------------- ================================================================================ python3-3.4.3-7.fc23 (FEDORA-2016-32e5a8c3a8) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345859 - python3: python: Heap overflow in zipimporter module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1345859 -------------------------------------------------------------------------------- ================================================================================ pyusb-1.0.0-1.fc23 (FEDORA-2016-4b8f5a0470) Python bindings for libusb -------------------------------------------------------------------------------- Update Information: 1.0.0 final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346180 - new upstream version available https://bugzilla.redhat.com/show_bug.cgi?id=1346180 -------------------------------------------------------------------------------- ================================================================================ qutebrowser-0.7.0-1.fc23 (FEDORA-2016-076fa33c16) A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit -------------------------------------------------------------------------------- Update Information: Update to 0.7.0 -------------------------------------------------------------------------------- ================================================================================ xen-4.5.3-8.fc23 (FEDORA-2016-103752d2a9) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO [CVE-2016-5338] (#1343323) Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info [CVE-2016-5337] (#1343909) ---- fix for CVE-2016-2858 doesn't build with qemu- xen enabled Unsanitised guest input in libxl device handling code [XSA-175, CVE-2016-4962] (#1342132) Unsanitised driver domain input in libxl device handling [XSA-178, CVE-2016-4963] (#1342131) arm: Host crash caused by VMID exhaust [XSA-181] (#1342530) Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine [CVE-2016-4454] (#1340741) Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine [CVE-2016-4453] (#1340746) Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd [CVE-2016-5238] (#1341931) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343323 - CVE-2016-5338 Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO https://bugzilla.redhat.com/show_bug.cgi?id=1343323 [ 2 ] Bug #1343909 - CVE-2016-5337 Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info https://bugzilla.redhat.com/show_bug.cgi?id=1343909 [ 3 ] Bug #1341931 - CVE-2016-5238 Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd https://bugzilla.redhat.com/show_bug.cgi?id=1341931 [ 4 ] Bug #1335438 - CVE-2016-4962 xsa175 xen: Unsanitised guest input in libxl device handling code (XSA-175) https://bugzilla.redhat.com/show_bug.cgi?id=1335438 [ 5 ] Bug #1335442 - CVE-2016-4963 xsa178 xen: Unsanitised driver domain input in libxl device handling (XSA-178) https://bugzilla.redhat.com/show_bug.cgi?id=1335442 [ 6 ] Bug #1342529 - CVE-2016-5242 xsa181 xen: arm: Host crash caused by VMID exhaustion (XSA-181) https://bugzilla.redhat.com/show_bug.cgi?id=1342529 [ 7 ] Bug #1336429 - CVE-2016-4454 Qemu: display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine https://bugzilla.redhat.com/show_bug.cgi?id=1336429 [ 8 ] Bug #1336650 - CVE-2016-4453 Qemu: display: vmsvga: infinite loop in vmsvga_fifo_run() routine https://bugzilla.redhat.com/show_bug.cgi?id=1336650 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
