The following Fedora 23 Security updates need testing: Age URL 278 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 236 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 209 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 159 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 159 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 124 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 43 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940 squid-3.5.10-4.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e0874533 ntp-4.2.6p5-41.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a05803486 drupal7-7.44-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2a66f41200 xguest-1.0.10-33.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-031aa4a6b6 python3-3.4.3-8.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f8a01aa629 squidGuard-1.4-26.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2493c754a setroubleshoot-3.3.9.1-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e538b11379 python-django-horizon-2015.1.4-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5e392ef01 wordpress-4.5.3-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-21bd6a33af struts-1.3.10-18.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b68f69b086 setroubleshoot-plugins-3.3.5.1-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73853a7a16 qemu-2.4.1-11.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-34a6b65583 php-5.6.23-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f3c77ef90 php-pecl-zip-1.13.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9df3915036 phpMyAdmin-4.6.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b966047e1 krb5-1.14.1-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d126bb1b74 gd-2.1.1-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3093027736 mediawiki-1.26.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547 nodejs-0.10.46-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-28873e4832 vim-7.4.1868-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad11727bf PackageKit-1.1.1-2.fc23 appstream-data-23-11.fc23 fwupd-0.7.1-1.fc23 gnome-software-3.20.3-1.fc23.1 json-glib-1.2.0-1.fc23 libappstream-glib-0.5.14-1.fc23 libgusb-0.2.9-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c9c2badcb selinux-policy-3.13.1-158.20.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9bc854cca texinfo-6.0-3.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-641487b5a4 hwdata-0.290-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-001588074b libfm-1.2.4-4.D20160618gitb22c0995e7.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06b36c0134 lxsession-0.5.2-10.D20160417git9f8d613332.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7722e39e8c mesa-11.1.0-4.20151218.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f637b89dda samba-4.3.10-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f6589e252 audit-2.6-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d126bb1b74 gd-2.1.1-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fc93cb14c findutils-4.5.16-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b966047e1 krb5-1.14.1-7.fc23 The following builds have been pushed to Fedora 23 updates-testing ansible-lint-3.0.1-2.fc23 arc-gui-clients-0.4.6-9.fc23 cairo-dock-plug-ins-3.4.1-8.fc23 ding-libs-0.6.0-29.fc23 findutils-4.5.16-4.fc23 fox-1.6.51-1.fc23 gd-2.1.1-7.fc23 guayadeque-0.4.1-0.11.beta1git1bc65f9.fc23 java-1.8.0-openjdk-1.8.0.92-4.b14.fc23 krb5-1.14.1-7.fc23 latex2rtf-2.3.11-1.fc23 libvirt-1.2.18.3-2.fc23 mediawiki-1.26.3-1.fc23 microcode_ctl-2.1-12.fc23 nodejs-0.10.46-1.fc23 osgearth-2.7-10.fc23 perl-generators-1.06-2.fc23 phpMyAdmin-4.6.3-1.fc23 qgit-2.6-1.fc23 rpmdevtools-8.7-1.fc23 rubygem-byebug-9.0.5-1.fc23 rubygem-hoe-3.15.1-1.fc23 rubygem-test-unit-3.2.0-100.fc23 safekeep-1.4.3-1.fc23 tracker-1.6.1-2.fc23 vex-0.0.18-1.fc23 xcircuit-3.9.48-2.fc23 yamllint-1.2.2-1.fc23 Details about builds: ================================================================================ ansible-lint-3.0.1-2.fc23 (FEDORA-2016-5bc4134f5e) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Fixed typo in previous changelog entry ---- Update to 3.0.0 release -------------------------------------------------------------------------------- ================================================================================ arc-gui-clients-0.4.6-9.fc23 (FEDORA-2016-c3df38b60c) ARC Graphical Clients -------------------------------------------------------------------------------- Update Information: Adapt to ARC 5.1 -------------------------------------------------------------------------------- ================================================================================ cairo-dock-plug-ins-3.4.1-8.fc23 (FEDORA-2016-6f0f99eaab) Plug-ins files for Cairo-Dock -------------------------------------------------------------------------------- Update Information: Currently weather forcast plugin does not work becase the URL where the information is retrieved changed. This new rpm applies the upstream patch to make weather plugin work again. -------------------------------------------------------------------------------- ================================================================================ ding-libs-0.6.0-29.fc23 (FEDORA-2016-6ebcf1d210) "Ding is not GLib" assorted utility libraries -------------------------------------------------------------------------------- Update Information: New upstream release (0.6.0) is backward compatible (only adds new functions). -------------------------------------------------------------------------------- ================================================================================ findutils-4.5.16-4.fc23 (FEDORA-2016-6fc93cb14c) The GNU versions of find utilities (find and xargs) -------------------------------------------------------------------------------- Update Information: - disable leaf optimization for NFS (#1299169) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1299169 - [abrt] find explicitly aborts suspiciously enumerating nfs-ganesha NFS mount https://bugzilla.redhat.com/show_bug.cgi?id=1299169 -------------------------------------------------------------------------------- ================================================================================ fox-1.6.51-1.fc23 (FEDORA-2016-188a3cc291) C++ based Toolkit for developing Graphical User Interfaces -------------------------------------------------------------------------------- Update Information: New version 1.6.51 is released. -------------------------------------------------------------------------------- ================================================================================ gd-2.1.1-7.fc23 (FEDORA-2016-d126bb1b74) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information: Fix for stack overflow with gdImageFillToBorder (CVE-2015-8874) -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.4.1-0.11.beta1git1bc65f9.fc23 (FEDORA-2016-38b282845a) Music player -------------------------------------------------------------------------------- Update Information: - Update to 0.4.1-0.11.beta1git1bc65f9 - Added BR libappstream-glib - Added appdata.xml file - Spec file cleanup ---- Update to 0.4.1-0.10.beta1git2420c01 ---- - Dropped Provides: bundled(wxcurl) = wxcurl_version wxcurl was replaced by libcurl library directly - Update to 0.4.1-0.9.beta1gitf6b11ba ---- * Wed Jun 08 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.8.beta1gitce1ab15 - Update to 0.4.1-0.8.beta1gitce1ab15 * Sun Jun 05 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.7.beta1git79b6383 - Documented licensing breakdown - Added Provides: bundled(wxcurl) = wxcurl_version * Sat Jun 04 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.6.beta1git79b6383 - Update to 0.4.1-0.6.beta1git79b6383 - Added wxWidgets to License tag - Added %%dir %%{_datadir}/%%{name} because it's owned by the package - modified macro for l10n subpackage * Mon May 30 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.5.beta1git26eaf8d - Update to 0.4.1-0.5.beta1git26eaf8d * Wed May 25 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.4.beta1git13013ff - Update to 0.4.1-0.4.beta1git13013ff - Split locales into a l10n subpackage * Sun May 22 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.3.beta1git35561f6 - Update to 0.4.1-0.3.beta1git35561f6 - Dropped BR subversion-devel - Removed Group tag, it's obsolete - Addes %%{name}-desktop.patch - Dropped -DCMAKE_INSTALL_PREFIX='%%{_prefix}' because it's already in %%cmake macro - Changed -DCMAKE_BUILD_TYPE='Release' to -DCMAKE_BUILD_TYPE='Debug' * Sun May 22 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.2.beta1gitd2c0281 - Update to 0.4.1-0.2.beta1gitd2c0281 - Mark license files as %%license where available - Cleanup spec file * Sat May 21 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 0.4.1-0.1.beta1git65f759c - Update to 0.4.1-0.1.beta1git65f759c -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.92-4.b14.fc23 (FEDORA-2016-26fc52d0a1) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: family restricted by arch - note this may = in rare cases of multiple jdks instaled and non standart selcted to reset of alternatives. -------------------------------------------------------------------------------- ================================================================================ krb5-1.14.1-7.fc23 (FEDORA-2016-0b966047e1) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: Fix length check for recv() in libkrad -------------------------------------------------------------------------------- ================================================================================ latex2rtf-2.3.11-1.fc23 (FEDORA-2016-41784bbe16) LaTeX to RTF converter that handles equations, figures, and cross-references -------------------------------------------------------------------------------- Update Information: Update to 2.3.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346517 - latex2rtf-2.3.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1346517 -------------------------------------------------------------------------------- ================================================================================ libvirt-1.2.18.3-2.fc23 (FEDORA-2016-1453ac5f30) Library providing a simple virtualization API -------------------------------------------------------------------------------- Update Information: * Advertise fedora edk2 firmware builds to apps (bz #1335395) -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.26.3-1.fc23 (FEDORA-2016-3093027736) A wiki engine -------------------------------------------------------------------------------- Update Information: https://www.mediawiki.org/wiki/Release_notes/1.26#MediaWiki_1.26.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338413 - mediawiki-1.26.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338413 [ 2 ] Bug #1338658 - mediawiki: Multiple vulnerabilities fixed in 1.26.3, 1.25.6 and 1.23.14 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1338658 -------------------------------------------------------------------------------- ================================================================================ microcode_ctl-2.1-12.fc23 (FEDORA-2016-d2ea0d3ae6) Tool to transform and deploy CPU microcode update for x86 -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-9. 20160607 -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.46-1.fc23 (FEDORA-2016-fcccb0a547) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Update to 0.10.46(security fix) -------------------------------------------------------------------------------- ================================================================================ osgearth-2.7-10.fc23 (FEDORA-2016-372290ad62) Dynamic map generation toolkit for OpenSceneGraph -------------------------------------------------------------------------------- Update Information: This update backports a patch to increase the performance of the GDAL driver when building heightfields, see https://github.com/gwaldron/osgearth/pull/744. -------------------------------------------------------------------------------- ================================================================================ perl-generators-1.06-2.fc23 (FEDORA-2016-7744d5c531) RPM Perl dependencies generators -------------------------------------------------------------------------------- Update Information: Fixed regression in parsing of heredoc -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.6.3-1.fc23 (FEDORA-2016-9df3915036) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.6.3 (2016-06-23) ============================= This version includes many security fixes that are announced as PMASA-2016-17 through PMASA-2016-28 which are posted at https://www.phpmyadmin.net/security/ Furthermore, version 4.6.3 includes the regularly scheduled maintenance improvements and bug fixes. In addition to bugs affecting particular version combinations, some of the other bugs fixed include: * Fixing cookie path on Windows * Fix MySQL SSL connections with some PHP versions * Fix listing of routines for non-privileged user As well as several more. Complete details are available in the ChangeLog. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1349500 - CVE-2016-5701 CVE-2016-5702 CVE-2016-5703 CVE-2016-5704 CVE-2016-5705 CVE-2016-5706 CVE-2016-5730 CVE-2016-5731 CVE-2016-5732 CVE-2016-5733 CVE-2016-5734 CVE-2016-5739 phpMyAdmin: 4.6.3, 4.4.15.7 and 4.0.10.16 security releases https://bugzilla.redhat.com/show_bug.cgi?id=1349500 -------------------------------------------------------------------------------- ================================================================================ qgit-2.6-1.fc23 (FEDORA-2016-52f9e7699b) GUI browser for git repositories -------------------------------------------------------------------------------- Update Information: - updated to 2.6 - switched to Qt 5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336144 - Build QGit v2.6 with Qt5 https://bugzilla.redhat.com/show_bug.cgi?id=1336144 -------------------------------------------------------------------------------- ================================================================================ rpmdevtools-8.7-1.fc23 (FEDORA-2016-9a18dce7e1) RPM Development Tools -------------------------------------------------------------------------------- Update Information: Update to 8.7, https://git.fedorahosted.org/cgit/rpmdevtools.git/tree/NEWS -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256815 - Update /etc/rpmdevtools/*.spec files https://bugzilla.redhat.com/show_bug.cgi?id=1256815 [ 2 ] Bug #1290913 - rpmdev-newspec: remove obsolete stuff from the initial template https://bugzilla.redhat.com/show_bug.cgi?id=1290913 [ 3 ] Bug #1348737 - rpmdev-checksig is not python3 compatible https://bugzilla.redhat.com/show_bug.cgi?id=1348737 [ 4 ] Bug #1246273 - Add -f option to rpmdev-bumpspec [PATCH] https://bugzilla.redhat.com/show_bug.cgi?id=1246273 [ 5 ] Bug #1311255 - [RFE] rpmdev-packager check git configuration https://bugzilla.redhat.com/show_bug.cgi?id=1311255 [ 6 ] Bug #1259665 - rpmdev-bumpspec wrongly updates the release for new version in BIND spec https://bugzilla.redhat.com/show_bug.cgi?id=1259665 -------------------------------------------------------------------------------- ================================================================================ rubygem-byebug-9.0.5-1.fc23 (FEDORA-2016-0ca40ca1b0) Ruby 2.0 fast debugger - base + CLI -------------------------------------------------------------------------------- Update Information: New version 9.0.5 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-hoe-3.15.1-1.fc23 (FEDORA-2016-3a0ad0d8a7) Hoe is a simple rake/rubygems helper for project Rakefiles -------------------------------------------------------------------------------- Update Information: New version 3.15.1 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-test-unit-3.2.0-100.fc23 (FEDORA-2016-a5b85c06d6) Improved version of Test::Unit bundled in Ruby 1.8.x -------------------------------------------------------------------------------- Update Information: New version 3.2.0 is released. -------------------------------------------------------------------------------- ================================================================================ safekeep-1.4.3-1.fc23 (FEDORA-2016-ae6a252ec3) The SafeKeep backup system -------------------------------------------------------------------------------- Update Information: Latest upstream release -------------------------------------------------------------------------------- ================================================================================ tracker-1.6.1-2.fc23 (FEDORA-2016-a47dfb12b8) Desktop-neutral search tool and indexer -------------------------------------------------------------------------------- Update Information: Plug a memory leak. -------------------------------------------------------------------------------- ================================================================================ vex-0.0.18-1.fc23 (FEDORA-2016-62ac8b3576) Run commands in a virtualenv -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1344245 - Review Request: vex - Tool for executing commands in Python virtualenv without activate/deactivate it https://bugzilla.redhat.com/show_bug.cgi?id=1344245 -------------------------------------------------------------------------------- ================================================================================ xcircuit-3.9.48-2.fc23 (FEDORA-2016-2cc0c081b2) Electronic circuit schematic drawing program -------------------------------------------------------------------------------- Update Information: xcircuit currently shipped on Fedora was not compiled with Tk correctly. This rpm should enable Tk support again. New version 3.9.48 is released. -------------------------------------------------------------------------------- ================================================================================ yamllint-1.2.2-1.fc23 (FEDORA-2016-c8430094ed) A linter for YAML files -------------------------------------------------------------------------------- Update Information: Update to latest upstream version -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
