The following Fedora 23 Security updates need testing: Age URL 408 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 365 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 338 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 289 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 288 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 254 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 95 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 84 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 77 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 75 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47dc2b203f firewalld-0.4.3.3-1.fc23 61 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651 compat-guile18-1.8.8-14.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ee56c530fa epiphany-3.18.8-1.fc23 webkitgtk4-2.14.1-1.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bb366e5b dbus-1.10.12-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6c789ba91d jasper-1.900.13-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4094bd4ad6 tomcat-8.0.38-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-21f0de504c libXi-1.7.8-2.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f7a079f775 kdepimlibs-4.14.10-15.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-568c7ff4f6 quagga-0.99.24.1-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63 nodejs-0.10.48-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-012de4c97e chromium-54.0.2840.71-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-da6b1d277b xen-4.5.5-3.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 104 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 77 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 38 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e python-virtkey-0.63.0-1.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a koji-1.10.1-13.fc23 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bb366e5b dbus-1.10.12-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79669f13cf dmidecode-3.0-6.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3da7667d60 sane-backends-1.0.25-4.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42 nspr-4.13.1-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4379c6e6d6 libfm-1.2.4-8.D20161017git82b3a1a201.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a8ab1b8bc menu-cache-1.0.1-3.D20161021git441f0ca9a1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b06386d473 pcre-8.39-6.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6c789ba91d jasper-1.900.13-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f7a079f775 kdepimlibs-4.14.10-15.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-21f0de504c libXi-1.7.8-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a0a575d718 libraw1394-2.1.2-1.fc23 The following builds have been pushed to Fedora 23 updates-testing amanda-3.4-3.fc23 calcurse-4.2.1-1.fc23 dovecot-2.2.26.0-1.fc23 gnome-chemistry-utils-0.14.15-1.fc23 gnuchess-6.2.4-1.fc23 goffice-0.10.32-2.fc23 lighttpd-1.4.43-1.fc23 mediawriter-4.0.0-2.fc23 petsc-3.7.4-12.fc23 php-Analog-1.0.9-1.fc23 python-line_profiler-2.0-1.fc23 python-scour-0.35-2.fc23 whois-5.2.13-1.fc23 Details about builds: ================================================================================ amanda-3.4-3.fc23 (FEDORA-2016-c496e020d0) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: amanda-3.4 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1386434 - amanda-3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1386434 -------------------------------------------------------------------------------- ================================================================================ calcurse-4.2.1-1.fc23 (FEDORA-2016-c47ed8d538) Text-based personal organizer -------------------------------------------------------------------------------- Update Information: 4.2.1 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.26.0-1.fc23 (FEDORA-2016-00d74f60c5) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: * dovecot and pigeonhole updated * master: Removed hardcoded 511 backlog limit for listen(). The kernel should limit this as needed. * doveadm import: Source user is now initialized the same as target user. Added -U parameter to override the source user. * Mailbox names are no longer limited to 16 hierarchy levels. We'll check another way to make sure mailbox names can't grow larger than 4096 bytes. + Added a concept of "alternative usernames" by returning user_* extra field(s) in passdb. doveadm proxy list shows these alt usernames in "doveadm proxy list" output. "doveadm director&proxy kick" adds -f <passdb field> parameter. The alt usernames don't have to be unique, so this allows creation of user groups and kicking them in one command. + auth: passdb/userdb dict allows now %variables in key settings. + auth: If passdb returns noauthenticate=yes extra field, assume that it only set extra fields and authentication wasn't actually performed. + auth: passdb static now supports password={scheme} prefix. + auth, login_log_format_elements: Added %{local_name} variable, which expands to TLS SNI hostname if given. + imapc: Added imapc_max_line_length to limit maximum memory usage. + imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs. This replaces at least partially the rawlog plugin. + dsync: Added dsync_features=empty-header- workaround setting. This makes incremental dsyncs work better for servers that randomly return empty headers for mails. When an empty header is seen for an existing mail, dsync assumes that it matches the local mail. + doveadm sync/backup: Added -I <max size> parameter to skip too large mails. + doveadm sync/backup: Fixed -t parameter and added -e for "end date". + doveadm mailbox metadata: Added -s parameter to allow accessing server metadata by using empty mailbox name. + Added "doveadm service status" and "doveadm process status" commands. + director: Added director_flush_socket. See http://wiki2.dovecot.org/Director#Flush_socket + doveadm director flush: Users are now moved only max 100 at a time to avoid load spikes. --max-parallel parameter overrides this. + Added FILE_LOCK_SLOW_WARNING_MSECS environment, which logs a warning if any lock is waited on or kept for this many milliseconds. - master process's listener socket was leaked to all child processes. This might have allowed untrusted processes to capture and prevent "doveadm service stop" comands from working. - login proxy: Fixed crash when outgoing SSL connections were hanging. - auth: userdb fields weren't passed to auth-workers, so %{userdb:*} from previous userdbs didn't work there. - auth: Each userdb lookup from cache reset its TTL. - auth: Fixed auth_bind=yes + sasl_bind=yes to work together - auth: Blocking userdb lookups reset extra fields set by previous userdbs. - auth: Cache keys didn't include %{passdb:*} and %{userdb:*} - auth-policy: Fixed crash due to using already- freed memory if policy lookup takes longer than auth request exists. - lib- auth: Unescape passdb/userdb extra fields. Mainly affected returning extra fields with LFs or TABs. - lmtp_user_concurrency_limit>0 setting was logging unnecessary anvil errors. - lmtp_user_concurrency_limit is now checked before quota check with lmtp_rcpt_check_quota=yes to avoid unnecessary quota work. - lmtp: %{userdb:*} variables didn't work in mail_log_prefix - autoexpunge settings for mailboxes with wildcards didn't work when namespace prefix was non-empty. - Fixed writing >2GB to iostream-temp files (used by fs- compress, fs-metawrap, doveadm-http) - director: Ignore duplicates in director_servers setting. - director: Many fixes related to connection handshaking, user moving and error handling. - director: Don't break with shutdown_clients=no - zlib, IMAP BINARY: Fixed internal caching when accessing multiple newly created mails. They all had UID=0 and the next mail could have wrongly used the previously cached mail. - doveadm stats reset wasn't reseting all the stats. - auth_stats=yes: Don't update num_logins, since it doubles them when using with mail stats. - quota count: Fixed deadlocks when updating vsize header. - dict-quota: Fixed crashes happening due to memory corruption. - dict proxy: Fixed various timeout-related bugs. - doveadm proxying: Fixed -A and -u wildcard handling. - doveadm proxying: Fixed hangs and bugs related to printing. - imap: Fixed wrongly triggering assert-crash in client_check_command_hangs. - imap proxy: Don't send ID command pipelined with nopipelining=yes - imap-hibernate: Don't execute quota_over_script or last_login after un-hibernation. - imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one IP packet. - imap-hibernate: Fixed various failures when un-hibernating. - fts: fts_autoindex=yes was broken in 2.2.25 unless fts_autoindex_exclude settings existed. - fts-solr: Fixed searching multiple mailboxes (patch by x16a0) - doveadm fetch body.snippet wasn't working in 2.2.25. Also fixed a crash with certain emails. - pop3-migration + dbox: Various fixes related to POP3 UIDL optimization in 2.2.25. - pop3-migration: Fixed "truncated email header" workaround. -------------------------------------------------------------------------------- ================================================================================ gnome-chemistry-utils-0.14.15-1.fc23 (FEDORA-2016-e80a796d2f) A set of chemical utilities -------------------------------------------------------------------------------- Update Information: Added lasem support and updated to latest upstream release: * https://wiki.gnome.org/Projects/Lasem * https://savannah.nongnu.org/forum/forum.php?forum_id=8725 -------------------------------------------------------------------------------- ================================================================================ gnuchess-6.2.4-1.fc23 (FEDORA-2016-5a668f6fc5) The GNU chess program -------------------------------------------------------------------------------- Update Information: 6.2.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1389898 - gnuchess-6.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1389898 -------------------------------------------------------------------------------- ================================================================================ goffice-0.10.32-2.fc23 (FEDORA-2016-e80a796d2f) G Office support libraries -------------------------------------------------------------------------------- Update Information: Added lasem support and updated to latest upstream release: * https://wiki.gnome.org/Projects/Lasem * https://savannah.nongnu.org/forum/forum.php?forum_id=8725 -------------------------------------------------------------------------------- ================================================================================ lighttpd-1.4.43-1.fc23 (FEDORA-2016-9559e1b00d) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information: 1.4.43 ---- Split out mysql and gssapi authn modules. ---- 1.4.42, now with upstream mod_geoip. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1385640 - lighttpd-1.4.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1385640 -------------------------------------------------------------------------------- ================================================================================ mediawriter-4.0.0-2.fc23 (FEDORA-2016-b5af28b3f9) Fedora Media Writer -------------------------------------------------------------------------------- Update Information: Update to 4.0.0 ---- Update to 3.97.2 -------------------------------------------------------------------------------- ================================================================================ petsc-3.7.4-12.fc23 (FEDORA-2016-185beddccc) Portable Extensible Toolkit for Scientific Computation -------------------------------------------------------------------------------- Update Information: - New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350257 - Review Request: petsc - Portable Extensible Toolkit for Scientific Computation https://bugzilla.redhat.com/show_bug.cgi?id=1350257 -------------------------------------------------------------------------------- ================================================================================ php-Analog-1.0.9-1.fc23 (FEDORA-2016-a989412a88) PHP micro logging package -------------------------------------------------------------------------------- Update Information: Last upstream release, use fedora autoloader -------------------------------------------------------------------------------- ================================================================================ python-line_profiler-2.0-1.fc23 (FEDORA-2016-7097edfc68) Line-by-line profiler for python -------------------------------------------------------------------------------- Update Information: Update line_profiler to version 2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387463 - python-line_profiler-2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1387463 -------------------------------------------------------------------------------- ================================================================================ python-scour-0.35-2.fc23 (FEDORA-2016-3565264129) An SVG scrubber -------------------------------------------------------------------------------- Update Information: Inital build of python-scour. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1389784 - None https://bugzilla.redhat.com/show_bug.cgi?id=1389784 [ 2 ] Bug #1389772 - None https://bugzilla.redhat.com/show_bug.cgi?id=1389772 -------------------------------------------------------------------------------- ================================================================================ whois-5.2.13-1.fc23 (FEDORA-2016-9ab35cae21) Improved WHOIS client -------------------------------------------------------------------------------- Update Information: This release updates disclaimer detection for crsnic.net server. It adds records for new ASN and IPv4 allocations and many new generic TLDs. It also updates records for jobs., mobi., and bd. domains. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1390038 - whois-5.2.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1390038 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
