The following Fedora 23 Security updates need testing: Age URL 319 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 277 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 250 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 200 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 200 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 165 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 41 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547 nodejs-0.10.46-1.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a7322c9fd1 spice-0.12.8-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70b5173c05 ecryptfs-utils-111-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6db1c9eb69 dnsmasq-2.76-1.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-833533ffde ca-certificates-2016.2.8-1.0.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec4c27d766 libgcrypt-1.6.5-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-610fe5f5f8 libidn-1.33-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a29c65b00f perl-CGI-Emulate-PSGI-0.22-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb0b94f8db perl-DBD-MySQL-4.033-2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd3131c03 v8-3.14.5.10-25.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3fba74e7f5 bind-9.10.4-1.P2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa394a130e nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0049aa6e5d xen-4.5.3-9.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0aa251bc9b perl-Module-Load-Conditional-0.68-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e8e353d493 krb5-1.14.1-8.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-754e4768d8 kernel-4.6.5-200.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d46685629d libreswan-3.18-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9de7253cc7 lighttpd-1.4.41-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7dd68d253f firefox-48.0-5.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2941b3264e bind99-9.9.9-1.P2.fc23 dhcp-4.3.3-10.P1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ecd34d592 cryptobone-1.0.5-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-83189e6c2f drupal7-features-2.10-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8354baae0f curl-7.43.0-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ec2009080 perl-5.22.2-354.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fc3a26d327 coreutils-8.24-8.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6db1c9eb69 dnsmasq-2.76-1.fc23 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70344c9c11 thunderbird-45.2.0-1.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-833533ffde ca-certificates-2016.2.8-1.0.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f76d52932c koji-1.10.1-10.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec4c27d766 libgcrypt-1.6.5-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65dc8f0ead libassuan-2.4.3-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-610fe5f5f8 libidn-1.33-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c87f8f1eb3 systemtap-3.0-3.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6838cbe113 libcap-ng-0.7.8-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3fba74e7f5 bind-9.10.4-1.P2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb0b94f8db perl-DBD-MySQL-4.033-2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec7bd55286 lua-5.3.3-2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33b89975fe gpgme-1.6.0-3.fc23 python-pygpgme-0.3-18.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-979cb0cc41 PackageKit-1.1.3-2.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-754e4768d8 kernel-4.6.5-200.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e8e353d493 krb5-1.14.1-8.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf67dde9d1 libdv-1.0.0-22.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c118a201c7 json-glib-1.2.2-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf2821a0cf perl-Digest-1.17-347.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7dd68d253f firefox-48.0-5.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87e128568d nss-3.25.0-1.2.fc23 nss-pem-1.0.2-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9eac2e8d3d audit-2.6.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ec2009080 perl-5.22.2-354.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8354baae0f curl-7.43.0-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9a0a36d6a perl-PathTools-3.62-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1078d26cc4 hwdata-0.291-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fb5b8c5730 pciutils-3.5.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0adfcb6751 perl-IO-Compress-2.068-348.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4e01e9c6d5 bluez-5.41-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2941b3264e bind99-9.9.9-1.P2.fc23 dhcp-4.3.3-10.P1.fc23 The following builds have been pushed to Fedora 23 updates-testing amanda-3.3.9-2.fc23 curl-7.43.0-8.fc23 fuse-encfs-1.8.1-2.fc23 kmix-16.04.3-2.fc23 perl-5.22.2-354.fc23 php-5.6.25-0.1.RC1.fc23 wlc-0.0.5-1.fc23 zanata-client-3.9.1-2.fc23 Details about builds: ================================================================================ amanda-3.3.9-2.fc23 (FEDORA-2016-7b6f54ca75) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: Bugfix update - Tie::StdHash permission problem BZ#1257686 ---- New upstream release 3.3.9. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257686 - Multiple tools have permission problems https://bugzilla.redhat.com/show_bug.cgi?id=1257686 [ 2 ] Bug #1360703 - amanda-3.3.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1360703 -------------------------------------------------------------------------------- ================================================================================ curl-7.43.0-8.fc23 (FEDORA-2016-8354baae0f) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information: - fix re-using connections with wrong client cert (CVE-2016-5420) - fix TLS session resumption client cert bypass (CVE-2016-5419) - fix use of connection struct after free (CVE-2016-5421) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1362199 - CVE-2016-5421 curl: Use of connection struct after free https://bugzilla.redhat.com/show_bug.cgi?id=1362199 [ 2 ] Bug #1362190 - CVE-2016-5420 curl: Re-using connection with wrong client cert https://bugzilla.redhat.com/show_bug.cgi?id=1362190 [ 3 ] Bug #1362183 - CVE-2016-5419 curl: TLS session resumption client cert bypass https://bugzilla.redhat.com/show_bug.cgi?id=1362183 -------------------------------------------------------------------------------- ================================================================================ fuse-encfs-1.8.1-2.fc23 (FEDORA-2016-64d1842d0a) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information: Revert remove o-default_permissions-unless-needed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1363723 - Files treated as executable https://bugzilla.redhat.com/show_bug.cgi?id=1363723 -------------------------------------------------------------------------------- ================================================================================ kmix-16.04.3-2.fc23 (FEDORA-2016-373c953ec0) KDE volume control -------------------------------------------------------------------------------- Update Information: Candidate fix for scrollwheel crasher -------------------------------------------------------------------------------- References: [ 1 ] Bug #1352119 - kmix: crash changing volume for individual streams since qt-5.6.1 https://bugzilla.redhat.com/show_bug.cgi?id=1352119 -------------------------------------------------------------------------------- ================================================================================ perl-5.22.2-354.fc23 (FEDORA-2016-6ec2009080) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-1238 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1355695 - CVE-2016-1238 perl: loading of modules from current directory https://bugzilla.redhat.com/show_bug.cgi?id=1355695 -------------------------------------------------------------------------------- ================================================================================ php-5.6.25-0.1.RC1.fc23 (FEDORA-2016-22e6229e5a) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: **For testing** only, Release Candidate of upcoming 5.6.25. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1362571 - php-5.6.24-2.fc24.x86_64 not returning full results for exif_read_data function https://bugzilla.redhat.com/show_bug.cgi?id=1362571 -------------------------------------------------------------------------------- ================================================================================ wlc-0.0.5-1.fc23 (FEDORA-2016-997213da71) Wayland compositor library -------------------------------------------------------------------------------- Update Information: New version around ---- Upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1361574 - wlc-v0.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1361574 -------------------------------------------------------------------------------- ================================================================================ zanata-client-3.9.1-2.fc23 (FEDORA-2016-fdb763eba3) Zanata client module -------------------------------------------------------------------------------- Update Information: Remove irrelevant resteasy dependency -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
