The following Fedora 23 Security updates need testing: Age URL 436 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 394 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 367 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 317 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 317 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 282 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 124 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 113 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 106 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 90 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23 55 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 48 https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651 compat-guile18-1.8.8-14.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63 nodejs-0.10.48-1.fc23 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2828a4793 firewalld-0.4.4.1-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2edfd75312 zathura-pdf-mupdf-0.3.0-3.fc23 mujs-0-6.20161031gita0ceaf5.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5afe06026b jenkins-1.625.3-5.fc23 jenkins-remoting-2.62.3-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1ca07cdcde p7zip-16.02-2.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e8a8561ee7 ntp-4.2.6p5-43.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-68b71978a1 xen-4.5.5-4.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-10ec03ed27 dpkg-1.17.27-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7fc142da66 phpMyAdmin-4.6.5.1-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a571b97ebb php-php-gettext-1.0.12-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4896f20b3 roundcubemail-1.2.3-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 133 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 106 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 67 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e python-virtkey-0.63.0-1.fc23 60 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a koji-1.10.1-13.fc23 55 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 40 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79669f13cf dmidecode-3.0-6.fc23 39 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42 nspr-4.13.1-1.fc23 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0906f64ec8 rpm-4.13.0-1.fc23 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c72c2c5531 dnsmasq-2.76-2.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-62b8930463 pciutils-3.5.2-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03d76071b6 nss-3.27.0-1.3.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c33289a2c6 breeze-icon-theme-5.27.0-2.fc23 extra-cmake-modules-5.27.0-1.fc23 kf5-5.27.0-1.fc23 kf5-attica-5.27.0-1.fc23 kf5-baloo-5.27.0-1.fc23 kf5-bluez-qt-5.27.0-1.fc23 kf5-frameworkintegration-5.27.0-1.fc23 kf5-kactivities-5.27.0-1.fc23 kf5-kactivities-stats-5.27.0-1.fc23 kf5-kapidox-5.27.0-1.fc23 kf5-karchive-5.27.0-1.fc23 kf5-kauth-5.27.0-1.fc23 kf5-kbookmarks-5.27.0-1.fc23 kf5-kcmutils-5.27.0-1.fc23 kf5-kcodecs-5.27.0-1.fc23 kf5-kcompletion-5.27.0-1.fc23 kf5-kconfig-5.27.0-1.fc23 kf5-kconfigwidgets-5.27.0-1.fc23 kf5-kcoreaddons-5.27.0-1.fc23 kf5-kcrash-5.27.0-1.fc23 kf5-kdbusaddons-5.27.0-1.fc23 kf5-kdeclarative-5.27.0-1.fc23 kf5-kded-5.27.0-1.fc23 kf5-kdelibs4support-5.27.0-1.fc23 kf5-kdesignerplugin-5.27.0-1.fc23 kf5-kdesu-5.27.0-1.fc23 kf5-kdewebkit-5.27.0-1.fc23 kf5-kdnssd-5.27.0-1.fc23 kf5-kdoctools-5.27.0-1.fc23 kf5-kemoticons-5.27.0-1.fc23 kf5-kfilemetadata-5.27.0-1.fc23 kf5-kglobalaccel-5.27.0-1.fc23 kf5-kguiad dons-5.27.0-1.fc23 kf5-khtml-5.27.0-1.fc23 kf5-ki18n-5.27.0-1.fc23 kf5-kiconthemes-5.27.0-1.fc23 kf5-kidletime-5.27.0-1.fc23 kf5-kimageformats-5.27.0-1.fc23 kf5-kinit-5.27.0-1.fc23 kf5-kio-5.27.0-1.fc23 kf5-kitemmodels-5.27.0-1.fc23 kf5-kitemviews-5.27.0-1.fc23 kf5-kjobwidgets-5.27.0-1.fc23 kf5-kjs-5.27.0-1.fc23 kf5-kjsembed-5.27.0-1.fc23 kf5-kmediaplayer-5.27.0-1.fc23 kf5-knewstuff-5.27.0-1.fc23 kf5-knotifications-5.27.0-1.fc23 kf5-knotifyconfig-5.27.0-1.fc23 kf5-kpackage-5.27.0-1.fc23 kf5-kparts-5.27.0-1.fc23 kf5-kpeople-5.27.0-1.fc23 kf5-kplotting-5.27.0-1.fc23 kf5-kpty-5.27.0-4.fc23 kf5-kross-5.27.0-1.fc23 kf5-krunner-5.27.0-1.fc23 kf5-kservice-5.27.0-1.fc23 kf5-ktexteditor-5.27.0-1.fc23 kf5-ktextwidgets-5.27.0-1.fc23 kf5-kunitconversion-5.27.0-1.fc23 kf5-kwallet-5.27.0-1.fc23 kf5-kwayland-5.27.0-1.fc23 kf5-kwidgetsaddons-5.27.0-1.fc23 kf5-kwindowsystem-5.27.0-1.fc23 kf5-kxmlgui-5.27.0-1.fc23 kf5-kxmlrpcclient-5.27.0-1.fc23 kf5-modemmanager-qt-5.27.0-1.fc23 kf5-networkmanager-qt -5.27.0-1.fc23 kf5-plasma-5.27.0-1.fc23 kf5-solid-5.27.0-1.fc23 kf5-sonnet-5.27.0-1.fc23 kf5-threadweaver-5.27.0-1.fc23 oxygen-icon-theme-5.27.0-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b5b28b69e2 mod_perl-2.0.10-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8ec81aeba6 dbus-1.10.14-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79a059792b vim-8.0.104-2.fc23 The following builds have been pushed to Fedora 23 updates-testing LinLog-0.5-2.fc23 antimony-0.9.3-0.1.20161128git41a770.fc23 chrony-2.4.1-1.fc23 dbus-1.10.14-1.fc23 dnf-plugin-system-upgrade-0.7.1-2.fc23 lout-3.40-5.fc23 man-pages-cs-0.18.20090209-20.fc23 mimedefang-2.79-1.fc23 perl-Image-ExifTool-10.36-1.fc23 php-php-gettext-1.0.12-1.fc23 phpMyAdmin-4.6.5.1-2.fc23 roundcubemail-1.2.3-1.fc23 scap-security-guide-0.1.31-1.fc23 screengrab-1.2.1-1.fc23 vim-8.0.104-2.fc23 Details about builds: ================================================================================ LinLog-0.5-2.fc23 (FEDORA-2016-04ff89e9db) A ham radio logbook for Linux -------------------------------------------------------------------------------- Update Information: Update desktop file to correct for upstream rename of binary. ---- Regexp for time value changed, leading zero now required, corresponding to adif spezification Printing of qsl cards now respects printer resolution. Time of qso was not printed any longer on qsl card. ( Due to changes in qt ? ). Now fixed. You can store now eQsl cards in your database. Fixed two format bugs in date and time format. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397763 - update 0.5 https://bugzilla.redhat.com/show_bug.cgi?id=1397763 -------------------------------------------------------------------------------- ================================================================================ antimony-0.9.3-0.1.20161128git41a770.fc23 (FEDORA-2016-888d043786) Computer-aided design CAD tool -------------------------------------------------------------------------------- Update Information: - Update to 0.9.3b (commit b9f01e) -------------------------------------------------------------------------------- ================================================================================ chrony-2.4.1-1.fc23 (FEDORA-2016-e62d5b25ee) An NTP client/server -------------------------------------------------------------------------------- Update Information: This is an update to the latest bugfix release and fix of an AVC denial when the chrony-wait service is enabled. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350815 - systemctl restart chrony-wait causes AVC denials https://bugzilla.redhat.com/show_bug.cgi?id=1350815 -------------------------------------------------------------------------------- ================================================================================ dbus-1.10.14-1.fc23 (FEDORA-2016-8ec81aeba6) D-BUS message bus -------------------------------------------------------------------------------- Update Information: Update to 1.10.14 -------------------------------------------------------------------------------- ================================================================================ dnf-plugin-system-upgrade-0.7.1-2.fc23 (FEDORA-2016-d5f5cda49d) System Upgrade plugin for DNF -------------------------------------------------------------------------------- Update Information: Make sure that the main package with the systemd service is always installed if the dnf plugin is. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395686 - missing dependency on dnf-plugin-system-upgrade prevents dnf system-upgrade reboot from working https://bugzilla.redhat.com/show_bug.cgi?id=1395686 -------------------------------------------------------------------------------- ================================================================================ lout-3.40-5.fc23 (FEDORA-2016-e5149d72e5) A document formatting system -------------------------------------------------------------------------------- Update Information: Unification of SPEC file and rebuild in all supported branches. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1201246 - Upgrade to 3.40 https://bugzilla.redhat.com/show_bug.cgi?id=1201246 -------------------------------------------------------------------------------- ================================================================================ man-pages-cs-0.18.20090209-20.fc23 (FEDORA-2016-9ff3543b97) Czech man pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information: Add deprecation warning to all man pages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1324481 - The Czech manpages are outdated https://bugzilla.redhat.com/show_bug.cgi?id=1324481 -------------------------------------------------------------------------------- ================================================================================ mimedefang-2.79-1.fc23 (FEDORA-2016-a46c366067) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information: MIMEDefang 2.79 =============== * Add the --data-dump option to scripts /mimedefang-util * Improve Postfix compatibility by trying to get QueueID after first RCPT command, and if not found, at the EOH milter phase * Make mimedefang-multiplexor exit with a successful return code upon receipt of SIGTERM * Use 64-bit variables where supported for some statstics counters that could overflow with only 32-bit variables, yielding incorrect statistics * Fix configure.in to correctly detect that an embedded Perl interpreter can be destroyed/recreated on systems that need the -pthread GCC flag -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380052 - mimedefang-2.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1380052 -------------------------------------------------------------------------------- ================================================================================ perl-Image-ExifTool-10.36-1.fc23 (FEDORA-2016-9565540a61) Utility for reading and writing image meta info -------------------------------------------------------------------------------- Update Information: Update to 10.36, latest stable release. -------------------------------------------------------------------------------- ================================================================================ php-php-gettext-1.0.12-1.fc23 (FEDORA-2016-a571b97ebb) Gettext emulation in PHP -------------------------------------------------------------------------------- Update Information: php-gettext 1.0.12 ================== * Security fix for potential code injection bug (LP#1515334) * Do not assume mbstring functions are always there, pass text through if they aren't (LP#734494) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1367462 - php-php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter https://bugzilla.redhat.com/show_bug.cgi?id=1367462 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.6.5.1-2.fc23 (FEDORA-2016-7fc142da66) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.6.5.1 (2016-11-26) =============================== A patch-level release fixing two small issues: * an issue affecting a small number of users using $cfg['Servers'][$i]['hide_db'] or $cfg['Servers'][$i]['only_db']. * an issue affecting the create table dialog where the partition selection tool was overzealous and made it difficult to create a new table. There are also minor improvements to the Czech language file. phpMyAdmin 4.6.5 (2016-11-25) ============================= A release containing security fixes and bug fixes. Aside from the security improvements, many bugs have been fixed including: * Fix for expanding in navigation pane * Reintroduced a simplified version of PmaAbsoluteUri directive (needed with reverse proxies) * Fix editing of ENUM/SET/DECIMAL field structures * Improvements to the parser And many, many more. Please see the ChangeLog for full details of bugs fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1399197 - CVE-2016-4412 phpMyAdmin: Multiple vulnerabilities fixed in 4.0.10.18, 4.4.15.9 and 4.6.5 versions https://bugzilla.redhat.com/show_bug.cgi?id=1399197 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.2.3-1.fc23 (FEDORA-2016-b4896f20b3) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: **Version 1.2.3** - Searching in both contacts and groups when LDAP addressbook with group_filters option is used - Fix vulnerability in handling of mail()'s 5th argument - Fix To: header encoding in mail sent with mail() method (#5475) - Fix flickering of header topline in min-mode (#5426) - Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447) - Fix decoding of GB2312/GBK text when iconv is not installed (#5448) - Fix regression where creation of default folders wasn't functioning without prefix (#5460) - Enigma: Fix bug where last records on keys list were hidden (#5461) - Enigma: Fix key search with keyword containing non-ascii characters (#5459) - Fix bug where deleting folders with subfolders could fail in some cases (#5466) - Fix bug where IMAP password could be exposed via error message (#5472) - Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc, Added memcache_max_allowed_packet and apc_max_allowed_packet settings (#5452) - Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 (#5508) - Fix storing "empty" values in rcube_cache/rcube_cache_shared (#5519) - Fix missing content check when image resize fails on attachment thumbnail generation (#5485) - Fix displaying attached images with wrong Content-Type specified (#5527) -------------------------------------------------------------------------------- ================================================================================ scap-security-guide-0.1.31-1.fc23 (FEDORA-2016-8ad41cc4f9) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information: update to the latest upstream release -------------------------------------------------------------------------------- ================================================================================ screengrab-1.2.1-1.fc23 (FEDORA-2016-643c82b484) Screen grabber -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- ================================================================================ vim-8.0.104-2.fc23 (FEDORA-2016-79a059792b) The VIM editor -------------------------------------------------------------------------------- Update Information: Do not ship vim.desktop -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398212 - Don't install vim.desktop file https://bugzilla.redhat.com/show_bug.cgi?id=1398212 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
