The following Fedora 23 Security updates need testing: Age URL 312 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 270 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 243 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 193 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 193 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 158 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547 nodejs-0.10.46-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a7322c9fd1 spice-0.12.8-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70b5173c05 ecryptfs-utils-111-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6db1c9eb69 dnsmasq-2.76-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-430bc0f808 p7zip-16.02-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-833533ffde ca-certificates-2016.2.8-1.0.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cd2bd0800f php-5.6.24-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b777fc7a8b php-pecl-zip-1.13.4-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e20730676 pbuilder-0.225.2-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec4c27d766 libgcrypt-1.6.5-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-97ca9d52a4 python-django-1.8.14-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-610fe5f5f8 libidn-1.33-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dc0af2c29 php-doctrine-common-2.5.3-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a29c65b00f perl-CGI-Emulate-PSGI-0.22-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6de0b19b3b dropbear-2016.74-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6a1dc53971 dietlibc-0.33-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb0b94f8db perl-DBD-MySQL-4.033-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-23f0d552e8 collectd-5.5.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd3131c03 v8-3.14.5.10-25.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2941b3264e bind99-9.9.9-1.P2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3fba74e7f5 bind-9.10.4-1.P2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-197a01f756 lighttpd-1.4.40-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa394a130e nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0aa251bc9b perl-Module-Load-Conditional-0.66-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0049aa6e5d xen-4.5.3-9.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fc3a26d327 coreutils-8.24-8.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-916c007124 firefox-47.0.1-2.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6db1c9eb69 dnsmasq-2.76-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70344c9c11 thunderbird-45.2.0-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-833533ffde ca-certificates-2016.2.8-1.0.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f76d52932c koji-1.10.1-10.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec4c27d766 libgcrypt-1.6.5-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65dc8f0ead libassuan-2.4.3-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-610fe5f5f8 libidn-1.33-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c87f8f1eb3 systemtap-3.0-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6838cbe113 libcap-ng-0.7.8-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-979cb0cc41 PackageKit-1.1.3-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3fba74e7f5 bind-9.10.4-1.P2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb0b94f8db perl-DBD-MySQL-4.033-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec7bd55286 lua-5.3.3-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33b89975fe gpgme-1.6.0-3.fc23 python-pygpgme-0.3-18.fc23 The following builds have been pushed to Fedora 23 updates-testing COPASI-4.17-0.6.20160720git31a978.fc23 PackageKit-1.1.3-2.fc23 amanda-3.3.9-1.fc23 ansible-2.1.1.0-1.fc23 ansible-inventory-grapher-2.3.1-1.fc23 ansible-lint-3.2.5-1.fc23 arp-scan-1.9.2-1.fc23 clufter-0.59.1-1.fc23 codeblocks-16.01-1.fc23 flex-2.6.0-2.fc23 golang-github-gengo-grpc-gateway-0-0.1.gitdcb8443.fc23 golang-googlecode-goprotobuf-0-0.24.git8616e8e.fc23 idris-0.9.9.1-8.fc23 libappstream-glib-0.5.17-1.fc23 libtaskotron-0.4.15-1.fc23 lilypond-2.19.46-2.fc23 lilypond-doc-2.19.46-1.fc23 mame-0.176-1.fc23 mingw-gcc-5.3.0-1.fc23 mozilla-requestpolicy-1.0-0.15.20160626git06f4c1.fc23 netpbm-10.75.99-1.fc23 nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23 perl-DBICx-Sugar-0.0001-1.fc23 perl-DBIx-SearchBuilder-1.67-1.fc23 perl-Dancer2-Plugin-REST-0.27-2.fc23 perl-Module-Load-Conditional-0.66-1.fc23 perl-POSIX-strftime-Compiler-0.42-1.fc23 php-alcaeus-mongo-php-adapter-1.0.5-2.fc23 php-horde-Horde-Auth-2.2.0-1.fc23 php-horde-Horde-Core-2.25.0-1.fc23 php-horde-Horde-Mime-Viewer-2.2.0-1.fc23 php-mongodb-1.0.2-1.fc23 qmc2-0.66-1.fc23 qutebrowser-0.8.1-1.fc23 rt-4.2.13-1.fc23 scalapack-2.0.2-15.fc23 telegram-cli-1.3.3-0.6.20160323git443793.fc23 wireshark-1.12.13-1.fc23 xen-4.5.3-9.fc23 Details about builds: ================================================================================ COPASI-4.17-0.6.20160720git31a978.fc23 (FEDORA-2016-0cde6db767) Biochemical network simulator -------------------------------------------------------------------------------- Update Information: - Update to build-119 -------------------------------------------------------------------------------- ================================================================================ PackageKit-1.1.3-2.fc23 (FEDORA-2016-979cb0cc41) Package management service -------------------------------------------------------------------------------- Update Information: This update fixes a packagekitd crash that can occur under certain conditions when preparing system upgrades. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359479 - [abrt] PackageKit: _g_log_abort(): packagekitd killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1359479 -------------------------------------------------------------------------------- ================================================================================ amanda-3.3.9-1.fc23 (FEDORA-2016-90418afb52) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: New upstream release 3.3.9. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360703 - amanda-3.3.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1360703 -------------------------------------------------------------------------------- ================================================================================ ansible-2.1.1.0-1.fc23 (FEDORA-2016-730456169d) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to ansible 2.1.1 with lots of bugfixes. See: https://github.com/ansible/ansible/blob/stable-2.1/CHANGELOG.md for a full list -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346950 - Ansible fails on Amazon Linux https://bugzilla.redhat.com/show_bug.cgi?id=1346950 -------------------------------------------------------------------------------- ================================================================================ ansible-inventory-grapher-2.3.1-1.fc23 (FEDORA-2016-0550c2629e) Creates graphs representing ansible inventory -------------------------------------------------------------------------------- Update Information: Update to 2.3.1 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-3.2.5-1.fc23 (FEDORA-2016-0ac1a742bd) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Update to 3.2.5 -------------------------------------------------------------------------------- ================================================================================ arp-scan-1.9.2-1.fc23 (FEDORA-2016-e8ed85672d) Scanning and fingerprinting tool -------------------------------------------------------------------------------- Update Information: fix #1359953 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359953 - [abrt] arp-scan: get_hardware_address(): arp-scan killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1359953 -------------------------------------------------------------------------------- ================================================================================ clufter-0.59.1-1.fc23 (FEDORA-2016-7f4472a4ea) Tool/library for transforming/analyzing cluster configuration formats -------------------------------------------------------------------------------- Update Information: - bump upstream package, see https://pagure.io/clufter/releases -------------------------------------------------------------------------------- ================================================================================ codeblocks-16.01-1.fc23 (FEDORA-2016-876fecb8cc) An open source, cross platform, free C++ IDE -------------------------------------------------------------------------------- Update Information: New Code::Blocks release, that fixes several bugs. Backported fixes for license issues, unbundling and gcc6 build and optimization issues. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350094 - [abrt] codeblocks: wxStringBase::operator=(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1350094 [ 2 ] Bug #1342076 - codeblocks segfault when start https://bugzilla.redhat.com/show_bug.cgi?id=1342076 [ 3 ] Bug #1324176 - [abrt] codeblocks: wxConvBrokenFileNames::GetMBNulLen(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1324176 [ 4 ] Bug #1295328 - codeblocks contain problematic content https://bugzilla.redhat.com/show_bug.cgi?id=1295328 [ 5 ] Bug #1288615 - [abrt] codeblocks: main_arena(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1288615 [ 6 ] Bug #1284644 - [abrt] codeblocks: wxAppBase::SendIdleEvents(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1284644 [ 7 ] Bug #1301412 - codeblocks-16.01 is available https://bugzilla.redhat.com/show_bug.cgi?id=1301412 -------------------------------------------------------------------------------- ================================================================================ flex-2.6.0-2.fc23 (FEDORA-2016-8d79ade826) A tool for creating scanners (text pattern recognizers) -------------------------------------------------------------------------------- Update Information: Change type for num_to_read from yy_size_t to int. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code (yy_get_next_buffer) https://bugzilla.redhat.com/show_bug.cgi?id=1360743 -------------------------------------------------------------------------------- ================================================================================ golang-github-gengo-grpc-gateway-0-0.1.gitdcb8443.fc23 (FEDORA-2016-efae8bcfe5) GRPC to JSON proxy generator -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354375 - Review Request: golang-github-gengo-grpc-gateway - GRPC to JSON proxy generator https://bugzilla.redhat.com/show_bug.cgi?id=1354375 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goprotobuf-0-0.24.git8616e8e.fc23 (FEDORA-2016-d692b64fb1) Go support for Google protocol buffers -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246113 - Tracker for golang-googlecode-goprotobuf https://bugzilla.redhat.com/show_bug.cgi?id=1246113 -------------------------------------------------------------------------------- ================================================================================ idris-0.9.9.1-8.fc23 (FEDORA-2016-a11c85f02c) Functional Programming Language with Dependent Types -------------------------------------------------------------------------------- Update Information: require gmp-devel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360168 - Missing gmp-dev dependency https://bugzilla.redhat.com/show_bug.cgi?id=1360168 -------------------------------------------------------------------------------- ================================================================================ libappstream-glib-0.5.17-1.fc23 (FEDORA-2016-966492d1a6) Library for AppStream metadata -------------------------------------------------------------------------------- Update Information: appstream-glib 0.5.17 release. - Add external (X-*) keys of an app's desktop file as metadata AsApp - Correct disabling of timestamps for gzip - Do not add multiple categories for apps with AudioVideo - Do not emit a warning when flatpak user directory doesn't exist - Fall back to the country code in as_app_get_language() -------------------------------------------------------------------------------- ================================================================================ libtaskotron-0.4.15-1.fc23 (FEDORA-2016-67b3ccdf50) Taskotron Support Library -------------------------------------------------------------------------------- Update Information: Update to new release 0.4.15 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.46-2.fc23 (FEDORA-2016-3084567130) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.46-1.fc23 (FEDORA-2016-3084567130) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ mame-0.176-1.fc23 (FEDORA-2016-2332ed101d) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information: This is an update to the latest mame release: * http://mamedev.org/?p=429 -------------------------------------------------------------------------------- ================================================================================ mingw-gcc-5.3.0-1.fc23 (FEDORA-2016-b104b75866) MinGW Windows cross-compiler (GCC) for C -------------------------------------------------------------------------------- Update Information: MinGW gcc 5.3.0 release. -------------------------------------------------------------------------------- ================================================================================ mozilla-requestpolicy-1.0-0.15.20160626git06f4c1.fc23 (FEDORA-2016-777a0e5180) Firefox and Seamonkey extension that gives you control over cross-site requests -------------------------------------------------------------------------------- Update Information: - Update to v1.0.beta12.2 - Drop old patch -------------------------------------------------------------------------------- ================================================================================ netpbm-10.75.99-1.fc23 (FEDORA-2016-136ea2a5b7) A library for handling different graphics file formats -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release (#1361103) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1361103 - netpbm 10.75.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1361103 -------------------------------------------------------------------------------- ================================================================================ nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23 (FEDORA-2016-aa394a130e) A robust & optimized `String.prototype.repeat` polyfill -------------------------------------------------------------------------------- Update Information: Update for security reasons -------------------------------------------------------------------------------- ================================================================================ perl-DBICx-Sugar-0.0001-1.fc23 (FEDORA-2016-d5e507ab93) Just some syntax sugar for DBIx::Class -------------------------------------------------------------------------------- Update Information: This perl modules gives you syntax sugar for your DBIx::Class applications. This was originally created to remove code duplication between Dancer::Plugin::DBIC and Dancer2::Plugin::DBIC. -------------------------------------------------------------------------------- ================================================================================ perl-DBIx-SearchBuilder-1.67-1.fc23 (FEDORA-2016-9bcfa45118) Encapsulate SQL queries and rows in simple perl objects -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ perl-Dancer2-Plugin-REST-0.27-2.fc23 (FEDORA-2016-2a99e824e6) Plugin for writing RESTful apps with Dancer2 -------------------------------------------------------------------------------- Update Information: This package contains a plugin for the Dancer2 framework, helping you to write a RESTful web-service. -------------------------------------------------------------------------------- ================================================================================ perl-Module-Load-Conditional-0.66-1.fc23 (FEDORA-2016-0aa251bc9b) Looking up module information and loading at run-time -------------------------------------------------------------------------------- Update Information: This update adds an option "FORCE_SAFE_INC", which, if set (it isn't by default), removes the current directory from the module load path so as to avoid loading code from a potentially unsafe place (CVE-2016-1238). -------------------------------------------------------------------------------- ================================================================================ perl-POSIX-strftime-Compiler-0.42-1.fc23 (FEDORA-2016-a7fcb1e789) GNU C library compatible strftime for loggers and servers -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-alcaeus-mongo-php-adapter-1.0.5-2.fc23 (FEDORA-2016-8a8350eca4) Mongo PHP Adapter -------------------------------------------------------------------------------- Update Information: The Mongo PHP Adapter is a userland library designed to act as an adapter between applications relying on ext-mongo and the new driver (ext-mongodb). It provides the API of ext-mongo built on top of mongo-php-library, thus being compatible with PHP 7. Autoloader: /usr/share/php/Alcaeus/MongoDbAdapter/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1347147 - Review Request: php-alcaeus-mongo-php-adapter - Mongo PHP Adapter https://bugzilla.redhat.com/show_bug.cgi?id=1347147 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Auth-2.2.0-1.fc23 (FEDORA-2016-5f94f7ef5f) Horde Authentication API -------------------------------------------------------------------------------- Update Information: **Horde_Auth 2.2.0** * [jan] Add searchUsers() method. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.25.0-1.fc23 (FEDORA-2016-f3c61d8b51) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.25.0** * [jan] Allow to use the pretty autocompleter without Ajax requests. * [mjr] Allow adding CSS files with Ajax response. * [mjr] Use syntaxhighlighter version 4. * [jan] Fix issue with prototype.js that keeps images in HTML messages from loading. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Mime-Viewer-2.2.0-1.fc23 (FEDORA-2016-1773d2436a) Horde MIME Viewer Library -------------------------------------------------------------------------------- Update Information: **Horde_Mime_Viewer 2.2.0** * [mjr] Add SyntaxHighlighter version 4 support. -------------------------------------------------------------------------------- ================================================================================ php-mongodb-1.0.2-1.fc23 (FEDORA-2016-d3b672fcd2) MongoDB driver library -------------------------------------------------------------------------------- Update Information: This library provides a high-level abstraction around the lower-level drivers for PHP and HHVM (i.e. the mongodb extension). While the extension provides a limited API for executing commands, queries, and write operations, this library implements an API similar to that of the legacy PHP driver. It contains abstractions for client, database, and collection objects, and provides methods for CRUD operations and common commands (e.g. index and collection management). Autoloader: /usr/share/php/MongoDB/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276834 - Review Request: php-mongodb - MongoDB driver library https://bugzilla.redhat.com/show_bug.cgi?id=1276834 -------------------------------------------------------------------------------- ================================================================================ qmc2-0.66-1.fc23 (FEDORA-2016-aed5cd2cdf) M.A.M.E. Catalog / Launcher II -------------------------------------------------------------------------------- Update Information: This is an update to the latest qmc2 release: * http://qmc2.batcom- it.net/index.php/2016/07/27/qmc2-0-66-released/ -------------------------------------------------------------------------------- ================================================================================ qutebrowser-0.8.1-1.fc23 (FEDORA-2016-4e45e9f5a9) A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit -------------------------------------------------------------------------------- Update Information: Update to 0.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360325 - qutebrowser-v0.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1360325 -------------------------------------------------------------------------------- ================================================================================ rt-4.2.13-1.fc23 (FEDORA-2016-dff6ba382b) Request tracker -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ scalapack-2.0.2-15.fc23 (FEDORA-2016-560cf441fc) A subset of LAPACK routines redesigned for heterogeneous computing -------------------------------------------------------------------------------- Update Information: Fix issue with scalapack shared library where it didn't include blacs. Fix openmpi/mpich subpackages to explicitly require matching mpi implementation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357018 - scalapack/blacs auto Require dependencies on openmpi and mpich are ambiguous https://bugzilla.redhat.com/show_bug.cgi?id=1357018 [ 2 ] Bug #1360997 - un-necessary shared objects causing DSO issues https://bugzilla.redhat.com/show_bug.cgi?id=1360997 -------------------------------------------------------------------------------- ================================================================================ telegram-cli-1.3.3-0.6.20160323git443793.fc23 (FEDORA-2016-e0486c027a) Linux Command-line interface for Telegram -------------------------------------------------------------------------------- Update Information: - Update to new commit #443793 - Python support is disabled (partially abandoned by upstream) -------------------------------------------------------------------------------- ================================================================================ wireshark-1.12.13-1.fc23 (FEDORA-2016-a6133b9717) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: Ver. 1.12.13 -------------------------------------------------------------------------------- ================================================================================ xen-4.5.3-9.fc23 (FEDORA-2016-0049aa6e5d) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: x86: Privilege escalation in PV guests [XSA-182, CVE-2016-6258] x86: Missing SMAP whitelisting in 32-bit exception / event delivery [XSA-183, CVE-2016-6259] virtio: unbounded memory allocation issue [XSA-184, CVE-2016-5403] Qemu: scsi: esp: OOB write access in esp_do_dma [CVE-2016-6351] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360599 - CVE-2016-6351 Qemu: scsi: esp: OOB write access in esp_do_dma https://bugzilla.redhat.com/show_bug.cgi?id=1360599 [ 2 ] Bug #1355987 - CVE-2016-6258 xsa182 xen: x86: Privilege escalation in PV guests (XSA-182) https://bugzilla.redhat.com/show_bug.cgi?id=1355987 [ 3 ] Bug #1355983 - CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) https://bugzilla.redhat.com/show_bug.cgi?id=1355983 [ 4 ] Bug #1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1358359 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
