The following Fedora 23 Security updates need testing: Age URL 367 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 325 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 298 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 248 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 248 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 213 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 89 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547 nodejs-0.10.46-1.fc23 67 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70b5173c05 ecryptfs-utils-111-1.fc23 55 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 44 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 37 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47dc2b203f firewalld-0.4.3.3-1.fc23 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed1c402851 thunderbird-45.3.0-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-efffcc7aec pdns-3.4.10-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-80f4f71eff curl-7.43.0-10.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-db71b72137 php-5.6.26-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-58f90ae3cc mariadb-10.0.27-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-286a8ec5b0 nodejs-tough-cookie-2.3.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-de277b9183 firefox-49.0-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0de0e0ee0c gd-2.1.1-10.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4cedbd4308 mongodb-3.0.12-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc7f19cb5b jansson-2.9-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-14bc73b990 php-adodb-5.20.6-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bc0e4e3f5a community-mysql-5.6.33-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 64 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 55 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 37 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 36 https://bodhi.fedoraproject.org/updates/FEDORA-2016-343c55ea44 linux-firmware-20160816-67.git7c3dfc0b.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ab60daf6d systemtap-3.0-4.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed1c402851 thunderbird-45.3.0-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1d3fc3e3aa xfsprogs-4.5.0-2.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b2440c972 dbus-glib-0.108-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b249196d24 tigervnc-1.7.0-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd6dc98c23 audit-2.6.7-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-80f4f71eff curl-7.43.0-10.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f739cc7524 selinux-policy-3.13.1-158.24.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0de0e0ee0c gd-2.1.1-10.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-de277b9183 firefox-49.0-2.fc23 The following builds have been pushed to Fedora 23 updates-testing aime-8.20160916-1.fc23 clamtk-5.22-1.fc23 coin-or-Ipopt-3.12.6-2.fc23 community-mysql-5.6.33-1.fc23 engauge-digitizer-9.3-1.fc23 firefox-49.0-2.fc23 flatpak-0.6.11-1.fc23 fuse-encfs-1.9.1-1.fc23 gd-2.1.1-10.fc23 gnome-shell-extension-openweather-1-0.24.20160920git39821fa.fc23 gnuchess-6.2.3-1.fc23 jansson-2.9-1.fc23 julia-0.4.7-1.fc23 ksensors-0.7.3-34.fc23 libburn-1.4.6-1.fc23 libcint-2.8.7-3.fc23 libisoburn-1.4.6-1.fc23 libisofs-1.4.6-1.fc23 libmateweather-1.14.3-1.fc23 mariadb-10.0.27-1.fc23 mongodb-3.0.12-2.fc23 mozjs38-38.8.0-2.fc23 nodejs-tough-cookie-2.3.1-1.fc23 perl-DateTime-Format-Pg-0.16012-2.fc23 php-adodb-5.20.6-2.fc23 php-horde-Horde-Core-2.27.0-1.fc23 php-jsonlint-1.4.1-1.fc23 php-myclabs-deep-copy-1.5.4-1.fc23 php-nikic-php-parser-2.1.1-1.fc23 php-udan11-sql-parser-3.4.7-1.fc23 pjproject-2.4.5-6.fc23 python-carbon-0.9.15-6.fc23 python-inotify-0.9.6-6.fc23 python-pytest-catchlog-1.2.2-2.fc23 qbittorrent-3.3.7-1.fc23 qcint-1.8.6-1.fc23 recoll-1.22.3-1.fc23 screen-4.4.0-3.fc23 trac-1.0.13-1.fc23 usbguard-0.6.2-1.fc23 vim-syntastic-3.7.0-6.fc23 wxGTK-2.8.12-26.fc23 wxGTK3-3.0.2-23.fc23 yamllint-1.4.0-1.fc23 Details about builds: ================================================================================ aime-8.20160916-1.fc23 (FEDORA-2016-dda30aa89c) An application embeddable programming language interpreter -------------------------------------------------------------------------------- Update Information: Updated to new 8.20160916 upstream version, fixes rhbz #1376995 ---- Updated to new 8.20160903 upstream version, fixes rhbz #1354181 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354181 - aime-8.20160903 is available https://bugzilla.redhat.com/show_bug.cgi?id=1354181 [ 2 ] Bug #1376995 - aime-8.20160916 is available https://bugzilla.redhat.com/show_bug.cgi?id=1376995 -------------------------------------------------------------------------------- ================================================================================ clamtk-5.22-1.fc23 (FEDORA-2016-c022db5b06) Easy to use graphical user interface for Clam anti virus -------------------------------------------------------------------------------- Update Information: Update to 5.22. -------------------------------------------------------------------------------- ================================================================================ coin-or-Ipopt-3.12.6-2.fc23 (FEDORA-2016-eb895b3eb4) Interior Point OPTimizer -------------------------------------------------------------------------------- Update Information: - Exclude strings.h wrapper installation (bz#1375290) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375290 - ipopt adds in /usr/include/openmpi-x86_64/strings.h - which breaks hdf5 build from source - when using /usr/lib64/openmpi/bin/mpicc https://bugzilla.redhat.com/show_bug.cgi?id=1375290 -------------------------------------------------------------------------------- ================================================================================ community-mysql-5.6.33-1.fc23 (FEDORA-2016-bc0e4e3f5a) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: Update to MySQL 5.6.33, for various fixes described at -------------------------------------------------------------------------------- ================================================================================ engauge-digitizer-9.3-1.fc23 (FEDORA-2016-9a0fbcab98) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information: - Update to 9.3 -------------------------------------------------------------------------------- ================================================================================ firefox-49.0-2.fc23 (FEDORA-2016-de277b9183) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - New upstream version (49.0) -------------------------------------------------------------------------------- ================================================================================ flatpak-0.6.11-1.fc23 (FEDORA-2016-1951b157e2) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: Flatpak 0.6.11 release. - Dashes are now allowed in application ids. However, to still work with symbolic icon names, they may not end with "-symbolic". - HostCommand now handles ptys correctly - Various documentation updates - New FLATPAK_CHECK_VERSION macro in libflatpak - HostCommand now returns the real PID rather than a fake one. - Fix regression in flatpak update --appstream - Fix regression installing bundles without origin urls - New flatpak-builder option --show-deps lists all the files the manifest depends on. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377905 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377905 -------------------------------------------------------------------------------- ================================================================================ fuse-encfs-1.9.1-1.fc23 (FEDORA-2016-e897410e81) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information: Update to 1.9.1. -------------------------------------------------------------------------------- ================================================================================ gd-2.1.1-10.fc23 (FEDORA-2016-0de0e0ee0c) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information: Security fix for gd. ---- Security fix for CVE-2016-6161 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359777 - php,gd: Out-of-bounds access in output function in gd_gif_out.c https://bugzilla.redhat.com/show_bug.cgi?id=1359777 [ 2 ] Bug #1359800 - CVE-2016-6207 php,gd: Integer overflow error within _gdContributionsAlloc() https://bugzilla.redhat.com/show_bug.cgi?id=1359800 [ 3 ] Bug #1353550 - CVE-2016-6161 gd: Global out-of-bounds read when encoding gif from malformed gd2 input https://bugzilla.redhat.com/show_bug.cgi?id=1353550 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-openweather-1-0.24.20160920git39821fa.fc23 (FEDORA-2016-6588e81aa1) Display weather information from many locations in the world -------------------------------------------------------------------------------- Update Information: Switched name and url from forecast.io to Dark Sky, because they changed/unified their name, url and api. ---- Add option to configure the position of the menu-box relative to the panel-text. Added/updated language files. Update metadata.json to support newest development build of gnome-shell on rawhide. -------------------------------------------------------------------------------- ================================================================================ gnuchess-6.2.3-1.fc23 (FEDORA-2016-9efdfeb65f) The GNU chess program -------------------------------------------------------------------------------- Update Information: 6.2.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377510 - gnuchess-6.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377510 -------------------------------------------------------------------------------- ================================================================================ jansson-2.9-1.fc23 (FEDORA-2016-cc7f19cb5b) C library for encoding, decoding and manipulating JSON data -------------------------------------------------------------------------------- Update Information: Update to Jansson 2.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332202 - CVE-2016-4425 jansson: stack exhaustion parsing a JSON file [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1332202 [ 2 ] Bug #1332201 - CVE-2016-4425 jansson: stack exhaustion parsing a JSON file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1332201 [ 3 ] Bug #1375710 - Rebase jansson + patch https://bugzilla.redhat.com/show_bug.cgi?id=1375710 [ 4 ] Bug #1150479 - jansson-2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150479 -------------------------------------------------------------------------------- ================================================================================ julia-0.4.7-1.fc23 (FEDORA-2016-0229dee15c) High-level, high-performance dynamic language for technical computing -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ================================================================================ ksensors-0.7.3-34.fc23 (FEDORA-2016-a4c932a91f) KDE frontend to lm_sensors -------------------------------------------------------------------------------- Update Information: This update fixes KSensors to no longer autostart if autostarting was explicitly disabled in the preferences. -------------------------------------------------------------------------------- ================================================================================ libburn-1.4.6-1.fc23 (FEDORA-2016-9ad4312817) Library for reading, mastering and writing optical discs -------------------------------------------------------------------------------- Update Information: libisofs 1.4.6 ============== * Bug fix: SIGSEGV by NULL when a data file was larger than ISO level allows * Bug fix: Interpretation of 17 digit timestamps was wrong * New API calls iso_generate_gpt_guid() and iso_write_opts_set_gpt_guid() * Made several pseudo-random ids reproducible by overriding volume modification time libburn and cdrskin 1.4.6 ========================= * Bug fix: SAO CD could be perceived 2 blocks to short. Regression in 1.4.4 by rev 5672 * Now operating optical drives on OpenBSD. Thanks to SASANO Takayoshi * New API call burn_drive_set_immed() * New cdrskin option use_immed_bit= libisoburn and xorriso 1.4.6 ============================ * Bug fix: The default setting of -compliance did not apply rec_mtime to Joliet and ISO:1999. mkisofs emulation was not affected by this bug * Bug fix: -file_size_limit did not increase ISO level if necessary. Thanks to Mattias Schlenker * New API calls isoburn_igopt_set_gpt_guid(), isoburn_igopt_get_gpt_guid() * New command -use_immed_bit, new -as cdrecord option use_immed_bit= * New -volume_date mode "all_file_dates" * New -as mkisofs option --set_all_file_dates * New bootspec "gpt_disk_guid=", new -as mkisofs option --gpt_disk_guid * New -report_system_area modes "gpt_disk_guid", "make_guid" * New -find action "set_to_mtime" * New environment variable SOURCE_DATE_EPOCH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377002 - libisoburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377002 [ 2 ] Bug #1377006 - libburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377006 [ 3 ] Bug #1377003 - libisofs-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377003 -------------------------------------------------------------------------------- ================================================================================ libcint-2.8.7-3.fc23 (FEDORA-2016-4d56f839d1) General Gaussian-type orbitals integrals for quantum chemistry -------------------------------------------------------------------------------- Update Information: Disable aarch64 builds because of missing dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357728 - Review Request: libcint - general GTO integrals for quantum chemistry https://bugzilla.redhat.com/show_bug.cgi?id=1357728 -------------------------------------------------------------------------------- ================================================================================ libisoburn-1.4.6-1.fc23 (FEDORA-2016-9ad4312817) Library to enable creation and expansion of ISO-9660 filesystems -------------------------------------------------------------------------------- Update Information: libisofs 1.4.6 ============== * Bug fix: SIGSEGV by NULL when a data file was larger than ISO level allows * Bug fix: Interpretation of 17 digit timestamps was wrong * New API calls iso_generate_gpt_guid() and iso_write_opts_set_gpt_guid() * Made several pseudo-random ids reproducible by overriding volume modification time libburn and cdrskin 1.4.6 ========================= * Bug fix: SAO CD could be perceived 2 blocks to short. Regression in 1.4.4 by rev 5672 * Now operating optical drives on OpenBSD. Thanks to SASANO Takayoshi * New API call burn_drive_set_immed() * New cdrskin option use_immed_bit= libisoburn and xorriso 1.4.6 ============================ * Bug fix: The default setting of -compliance did not apply rec_mtime to Joliet and ISO:1999. mkisofs emulation was not affected by this bug * Bug fix: -file_size_limit did not increase ISO level if necessary. Thanks to Mattias Schlenker * New API calls isoburn_igopt_set_gpt_guid(), isoburn_igopt_get_gpt_guid() * New command -use_immed_bit, new -as cdrecord option use_immed_bit= * New -volume_date mode "all_file_dates" * New -as mkisofs option --set_all_file_dates * New bootspec "gpt_disk_guid=", new -as mkisofs option --gpt_disk_guid * New -report_system_area modes "gpt_disk_guid", "make_guid" * New -find action "set_to_mtime" * New environment variable SOURCE_DATE_EPOCH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377002 - libisoburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377002 [ 2 ] Bug #1377006 - libburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377006 [ 3 ] Bug #1377003 - libisofs-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377003 -------------------------------------------------------------------------------- ================================================================================ libisofs-1.4.6-1.fc23 (FEDORA-2016-9ad4312817) Library to create ISO 9660 disk images -------------------------------------------------------------------------------- Update Information: libisofs 1.4.6 ============== * Bug fix: SIGSEGV by NULL when a data file was larger than ISO level allows * Bug fix: Interpretation of 17 digit timestamps was wrong * New API calls iso_generate_gpt_guid() and iso_write_opts_set_gpt_guid() * Made several pseudo-random ids reproducible by overriding volume modification time libburn and cdrskin 1.4.6 ========================= * Bug fix: SAO CD could be perceived 2 blocks to short. Regression in 1.4.4 by rev 5672 * Now operating optical drives on OpenBSD. Thanks to SASANO Takayoshi * New API call burn_drive_set_immed() * New cdrskin option use_immed_bit= libisoburn and xorriso 1.4.6 ============================ * Bug fix: The default setting of -compliance did not apply rec_mtime to Joliet and ISO:1999. mkisofs emulation was not affected by this bug * Bug fix: -file_size_limit did not increase ISO level if necessary. Thanks to Mattias Schlenker * New API calls isoburn_igopt_set_gpt_guid(), isoburn_igopt_get_gpt_guid() * New command -use_immed_bit, new -as cdrecord option use_immed_bit= * New -volume_date mode "all_file_dates" * New -as mkisofs option --set_all_file_dates * New bootspec "gpt_disk_guid=", new -as mkisofs option --gpt_disk_guid * New -report_system_area modes "gpt_disk_guid", "make_guid" * New -find action "set_to_mtime" * New environment variable SOURCE_DATE_EPOCH -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377002 - libisoburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377002 [ 2 ] Bug #1377006 - libburn-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377006 [ 3 ] Bug #1377003 - libisofs-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1377003 -------------------------------------------------------------------------------- ================================================================================ libmateweather-1.14.3-1.fc23 (FEDORA-2016-ecd8f2d661) Libraries to allow MATE Desktop to display weather information -------------------------------------------------------------------------------- Update Information: update to 1.14.3 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.0.27-1.fc23 (FEDORA-2016-58f90ae3cc) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: Update to 10.0.27, which also includes a security fix for CVE-2016-6662. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1375198 -------------------------------------------------------------------------------- ================================================================================ mongodb-3.0.12-2.fc23 (FEDORA-2016-4cedbd4308) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-6494. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1362553 - CVE-2016-6494 mongodb: world-readable .dbshell history file https://bugzilla.redhat.com/show_bug.cgi?id=1362553 -------------------------------------------------------------------------------- ================================================================================ mozjs38-38.8.0-2.fc23 (FEDORA-2016-510b0ef0ba) JavaScript interpreter and libraries -------------------------------------------------------------------------------- Update Information: Fix mozjs on aarch64 systems with 48b VA kernel. ---- Use latest code from Mozilla Firefox ESR release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375547 - Unhandled Level1 translation fault in polkitd due to mozjs package https://bugzilla.redhat.com/show_bug.cgi?id=1375547 [ 2 ] Bug #1373210 - Please keep mozjs updated to the latest released version https://bugzilla.redhat.com/show_bug.cgi?id=1373210 -------------------------------------------------------------------------------- ================================================================================ nodejs-tough-cookie-2.3.1-1.fc23 (FEDORA-2016-286a8ec5b0) RFC6265 Cookies and Cookie Jar for Node.js -------------------------------------------------------------------------------- Update Information: Security fix for Denial of service via long string of semicolons -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359818 - CVE-2016-1000232 nodejs-tough-cookie: regular expression DoS via Cookie header with many semicolons https://bugzilla.redhat.com/show_bug.cgi?id=1359818 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Format-Pg-0.16012-2.fc23 (FEDORA-2016-a112fd7e4d) Parse and format PostgreSQL dates and times -------------------------------------------------------------------------------- Update Information: This release fixes parsing durations with fractinonal second value. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377428 - perl Datetime::Format::Pg doesn't handle fractions of a second. https://bugzilla.redhat.com/show_bug.cgi?id=1377428 -------------------------------------------------------------------------------- ================================================================================ php-adodb-5.20.6-2.fc23 (FEDORA-2016-14bc73b990) Database abstraction layer for PHP -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-7405 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376365 - CVE-2016-7405 php-adodb: Incorrect quoting may allow SQL injection https://bugzilla.redhat.com/show_bug.cgi?id=1376365 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.27.0-1.fc23 (FEDORA-2016-b6c59c8030) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.27.0** * [mjr] Fix BC break in Weather block (Bug #14473). * [mjr] Fix locking user account after bad logins (Bug #14467). * [mjr] Add support for EAS 16 draft email sync. -------------------------------------------------------------------------------- ================================================================================ php-jsonlint-1.4.1-1.fc23 (FEDORA-2016-f5f721e824) JSON Lint for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.4.1** * Minor white-space and error wording tweaks -------------------------------------------------------------------------------- ================================================================================ php-myclabs-deep-copy-1.5.4-1.fc23 (FEDORA-2016-61df6d1662) Create deep copies (clones) of your objects -------------------------------------------------------------------------------- Update Information: **Version 1.5.4** * 50 Revert change that caused a BC break + add test ---- **Version 1.5.3** * 46 New option to use native clone behavior, i.e. call __clone(), when that method exists * 44 and #45: performance improvements * 48: documentation improvements ---- **Version 1.5.2** Fix #38 (in #43 and #42): "Notice: Undefined property: DateTime::$date" -------------------------------------------------------------------------------- ================================================================================ php-nikic-php-parser-2.1.1-1.fc23 (FEDORA-2016-2557d9558a) A PHP parser written in PHP -------------------------------------------------------------------------------- Update Information: **Version** 2.1.1 (2016-09-16) * The pretty printer will now escape all control characters in the range `\x00-\x1F` inside double quoted strings. If no special escape sequence is available, an octal escape will be used. * The quality of the error recovery has been improved. In particular unterminated expressions should be handled more gracefully. * The PHP 7 parser will now generate a parse error for `$var =& new Obj` assignments. * Comments on free- standing code blocks will no be retained as comments on the first statement in the code block. -------------------------------------------------------------------------------- ================================================================================ php-udan11-sql-parser-3.4.7-1.fc23 (FEDORA-2016-08bd6ae14c) A validating SQL lexer and parser with a focus on MySQL dialect -------------------------------------------------------------------------------- Update Information: **Version 3.4.7** - 2016-09-20 * Fix parsing of DEFINER without backquotes * Fixed escaping HTML entities in HTML formatter * Fixed escaping of control chars in CLI formatter ---- **Version 3.4.6** - 2016-09-13 * Fix parsing of REPLACE INTO ... * Fix parsing of INSERT ... ON DUPLICATE KEY UPDATE ... * Extended testsuite * Re-enabled PHP 5.3 support **Version 3.4.5** - 2016-09-13 * Fix parsing of INSERT...SELECT and INSERT...SET syntax * Fix parsing of CREATE TABLE ... PARTITION * Fix parsing of SET CHARACTER SET, CHARSET, NAMES * Add Support for 'CREATE TABLE `table_copy` LIKE `table` -------------------------------------------------------------------------------- ================================================================================ pjproject-2.4.5-6.fc23 (FEDORA-2016-cc3e741be2) Libraries for building embedded/non-embedded VoIP applications -------------------------------------------------------------------------------- Update Information: Add support for multiple listeners. More info with Ring project at SFL. -------------------------------------------------------------------------------- ================================================================================ python-carbon-0.9.15-6.fc23 (FEDORA-2016-7d67b8413b) Back-end data caching and persistence daemon for Graphite -------------------------------------------------------------------------------- Update Information: Set correct interpreter for amqp listener and publiser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1285727 - Files in /var/log/carbon are never deleted https://bugzilla.redhat.com/show_bug.cgi?id=1285727 [ 2 ] Bug #1285725 - Complaints in console.log about missing /etc/carbon/storage-aggregation.conf https://bugzilla.redhat.com/show_bug.cgi?id=1285725 [ 3 ] Bug #1360469 - Please switch to upstream init scripts https://bugzilla.redhat.com/show_bug.cgi?id=1360469 -------------------------------------------------------------------------------- ================================================================================ python-inotify-0.9.6-6.fc23 (FEDORA-2016-1d45339c16) Monitor filesystem events with Python under Linux -------------------------------------------------------------------------------- Update Information: Switch to more safe loading of Python module. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1347124 - Arbitrary code execution due to insecure loading of Python module(s) from CWD https://bugzilla.redhat.com/show_bug.cgi?id=1347124 -------------------------------------------------------------------------------- ================================================================================ python-pytest-catchlog-1.2.2-2.fc23 (FEDORA-2016-a3e3bff7b1) py.test plugin to catch log messages (fork of pytest-capturelog) -------------------------------------------------------------------------------- Update Information: pytest-catchlog Fedora/EPEL initial submission. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354113 - Review Request: python-pytest-catchlog - py.test plugin to catch log messages (fork of pytest-capturelog) https://bugzilla.redhat.com/show_bug.cgi?id=1354113 -------------------------------------------------------------------------------- ================================================================================ qbittorrent-3.3.7-1.fc23 (FEDORA-2016-c2f3b5a217) A Bittorrent Client -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1368609 - [abrt] qbittorrent: QtSharedPointer::ExternalRefCountData::getAndRef(QObject const*)(): qbittorrent killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1368609 [ 2 ] Bug #1376294 - qbittorrent-3.3.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1376294 -------------------------------------------------------------------------------- ================================================================================ qcint-1.8.6-1.fc23 (FEDORA-2016-74d77b7c2f) An optimized libcint branch for X86 platform -------------------------------------------------------------------------------- Update Information: Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357724 - Review Request: qcint - general GTO integrals for quantum chemistry https://bugzilla.redhat.com/show_bug.cgi?id=1357724 -------------------------------------------------------------------------------- ================================================================================ recoll-1.22.3-1.fc23 (FEDORA-2016-e2df9cdbb5) Desktop full text search tool with Qt GUI -------------------------------------------------------------------------------- Update Information: Update to latest upstream release recoll 1.22.3. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1371762 - [abrt] recoll: __netlink_assert_response(): recoll killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1371762 -------------------------------------------------------------------------------- ================================================================================ screen-4.4.0-3.fc23 (FEDORA-2016-29a94027ca) A screen manager that supports multiple logins on one terminal -------------------------------------------------------------------------------- Update Information: Bugfix - Crash on new window when the terminal type is very long; fix terminal type length in option parsing error message; fix issue when ctrl+arrow_key deletes several lines of text ---- Bugfix - Crash on new window when the terminal type is very long; fix terminal type length in option parsing error message -------------------------------------------------------------------------------- References: [ 1 ] Bug #1123369 - Running vim inside screen pressing ctrl+arrow_key deletes several lines of text https://bugzilla.redhat.com/show_bug.cgi?id=1123369 [ 2 ] Bug #1350549 - Crash on new window when the terminal type is very long https://bugzilla.redhat.com/show_bug.cgi?id=1350549 -------------------------------------------------------------------------------- ================================================================================ trac-1.0.13-1.fc23 (FEDORA-2016-343d708a38) Enhanced wiki and issue tracking system -------------------------------------------------------------------------------- Update Information: https://trac.edgewall.org/wiki/TracDev/ReleaseNotes/1.0#MaintenanceRelease 1.0.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376949 - Latest stable Trac is 1.2.x https://bugzilla.redhat.com/show_bug.cgi?id=1376949 -------------------------------------------------------------------------------- ================================================================================ usbguard-0.6.2-1.fc23 (FEDORA-2016-c3216d1a19) A tool for implementing USB device usage policy -------------------------------------------------------------------------------- Update Information: - Update to 0.6.2 ---- - Update to 0.6.1 - Refactored logging subsystem - Fixed handling of IPC disconnect in the IPCClient class - Improved logging coverage. Logging output can be enabled either via CLI options or by setting the USBGUARD_DEBUG environment variable to 1. - Qt Applet: Fixed handling of main window minimization and maximization - Qt Applet: UI translation support. - Qt Applet: Czech (cs_CZ) translation ---- - Update to 0.6.0 - Fixes bug in matching devices against the policy - Switched to protobuf based IPC - Backwards incompatible changes in D-Bus interface ---- - Update to 0.5.14 - Fixes unknown descriptor type handling ---- - Update to 0.5.13 - refactored USB parser to support multiple handlers per USB descriptor type - Qt Applet: device list should be always expanded - added support for an audio device related endpoint descriptor ---- - Update to 0.5.12 ---- - Ship CHANGELOG.md ---- - Update to 0.5.11 - Switched to libgcrypt for crypto - **WARNING**: Backwards incompatible changes in the way devices hashes are generated. You'll need to regenerate your policy after updating. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1353360 - [abrt] usbguard-applet-qt: __gnu_cxx::__verbose_terminate_handler()(): usbguard-applet-qt killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1353360 -------------------------------------------------------------------------------- ================================================================================ vim-syntastic-3.7.0-6.fc23 (FEDORA-2016-49c8d2132d) A vim plugins to check syntax for programming languages -------------------------------------------------------------------------------- Update Information: A vim plugins to check syntax for programming languages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374138 - Review Request: vim-syntastic - A vim plugins to check syntax for programming languages https://bugzilla.redhat.com/show_bug.cgi?id=1374138 -------------------------------------------------------------------------------- ================================================================================ wxGTK-2.8.12-26.fc23 (FEDORA-2016-6af21a57ce) GTK2 port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: wxGTK3: * Patch to resolve wxGetKeyState() crash on Wayland (#1266743) * Fix alternatives with wxGTK (#1077718). wxGTK: * setup alternatives for wxrc and wx-config (#1128365) ---- wxGTK3: * Patch to resolve wxGetKeyState() crash on Wayland (#1266743) * Fix alternatives with wxGTK (#1077718). wxGTK: * setup alternatives for wxrc and wx-config (#1128365) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266743 - [abrt] filezilla: XKeysymToKeycode(): filezilla killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1266743 [ 2 ] Bug #1077718 - wxGTK3-devel doesn't supply a wx-config symlink https://bugzilla.redhat.com/show_bug.cgi?id=1077718 [ 3 ] Bug #1128365 - setup alternatives for wxrc and wx-config https://bugzilla.redhat.com/show_bug.cgi?id=1128365 -------------------------------------------------------------------------------- ================================================================================ wxGTK3-3.0.2-23.fc23 (FEDORA-2016-6af21a57ce) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: wxGTK3: * Patch to resolve wxGetKeyState() crash on Wayland (#1266743) * Fix alternatives with wxGTK (#1077718). wxGTK: * setup alternatives for wxrc and wx-config (#1128365) ---- wxGTK3: * Patch to resolve wxGetKeyState() crash on Wayland (#1266743) * Fix alternatives with wxGTK (#1077718). wxGTK: * setup alternatives for wxrc and wx-config (#1128365) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266743 - [abrt] filezilla: XKeysymToKeycode(): filezilla killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1266743 [ 2 ] Bug #1077718 - wxGTK3-devel doesn't supply a wx-config symlink https://bugzilla.redhat.com/show_bug.cgi?id=1077718 [ 3 ] Bug #1128365 - setup alternatives for wxrc and wx-config https://bugzilla.redhat.com/show_bug.cgi?id=1128365 -------------------------------------------------------------------------------- ================================================================================ yamllint-1.4.0-1.fc23 (FEDORA-2016-804da89a11) A linter for YAML files -------------------------------------------------------------------------------- Update Information: Update to latest upstream version -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
