The following Fedora 23 Security updates need testing: Age URL 438 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 396 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 369 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 319 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 319 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 284 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 125 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 114 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 107 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 91 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23 57 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 49 https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651 compat-guile18-1.8.8-14.fc23 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63 nodejs-0.10.48-1.fc23 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5afe06026b jenkins-1.625.3-5.fc23 jenkins-remoting-2.62.3-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1ca07cdcde p7zip-16.02-2.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e8a8561ee7 ntp-4.2.6p5-43.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-68b71978a1 xen-4.5.5-4.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-10ec03ed27 dpkg-1.17.27-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7fc142da66 phpMyAdmin-4.6.5.1-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a571b97ebb php-php-gettext-1.0.12-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4896f20b3 roundcubemail-1.2.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a820774fc2 kernel-4.8.11-100.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c perl-DBD-MySQL-4.033-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-75c323ccbe thunderbird-45.5.0-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7da97a3914 mcabber-1.0.4-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c33466fbb tomcat-8.0.39-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2cbcd602d firefox-50.0.2-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 134 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 107 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 69 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e python-virtkey-0.63.0-1.fc23 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a koji-1.10.1-13.fc23 57 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79669f13cf dmidecode-3.0-6.fc23 40 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42 nspr-4.13.1-1.fc23 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0906f64ec8 rpm-4.13.0-1.fc23 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c72c2c5531 dnsmasq-2.76-2.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-62b8930463 pciutils-3.5.2-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03d76071b6 nss-3.27.0-1.3.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c33289a2c6 breeze-icon-theme-5.27.0-2.fc23 extra-cmake-modules-5.27.0-1.fc23 kf5-5.27.0-1.fc23 kf5-attica-5.27.0-1.fc23 kf5-baloo-5.27.0-1.fc23 kf5-bluez-qt-5.27.0-1.fc23 kf5-frameworkintegration-5.27.0-1.fc23 kf5-kactivities-5.27.0-1.fc23 kf5-kactivities-stats-5.27.0-1.fc23 kf5-kapidox-5.27.0-1.fc23 kf5-karchive-5.27.0-1.fc23 kf5-kauth-5.27.0-1.fc23 kf5-kbookmarks-5.27.0-1.fc23 kf5-kcmutils-5.27.0-1.fc23 kf5-kcodecs-5.27.0-1.fc23 kf5-kcompletion-5.27.0-1.fc23 kf5-kconfig-5.27.0-1.fc23 kf5-kconfigwidgets-5.27.0-1.fc23 kf5-kcoreaddons-5.27.0-1.fc23 kf5-kcrash-5.27.0-1.fc23 kf5-kdbusaddons-5.27.0-1.fc23 kf5-kdeclarative-5.27.0-1.fc23 kf5-kded-5.27.0-1.fc23 kf5-kdelibs4support-5.27.0-1.fc23 kf5-kdesignerplugin-5.27.0-1.fc23 kf5-kdesu-5.27.0-1.fc23 kf5-kdewebkit-5.27.0-1.fc23 kf5-kdnssd-5.27.0-1.fc23 kf5-kdoctools-5.27.0-1.fc23 kf5-kemoticons-5.27.0-1.fc23 kf5-kfilemetadata-5.27.0-1.fc23 kf5-kglobalaccel-5.27.0-1.fc23 kf5-kguiad dons-5.27.0-1.fc23 kf5-khtml-5.27.0-1.fc23 kf5-ki18n-5.27.0-1.fc23 kf5-kiconthemes-5.27.0-1.fc23 kf5-kidletime-5.27.0-1.fc23 kf5-kimageformats-5.27.0-1.fc23 kf5-kinit-5.27.0-1.fc23 kf5-kio-5.27.0-1.fc23 kf5-kitemmodels-5.27.0-1.fc23 kf5-kitemviews-5.27.0-1.fc23 kf5-kjobwidgets-5.27.0-1.fc23 kf5-kjs-5.27.0-1.fc23 kf5-kjsembed-5.27.0-1.fc23 kf5-kmediaplayer-5.27.0-1.fc23 kf5-knewstuff-5.27.0-1.fc23 kf5-knotifications-5.27.0-1.fc23 kf5-knotifyconfig-5.27.0-1.fc23 kf5-kpackage-5.27.0-1.fc23 kf5-kparts-5.27.0-1.fc23 kf5-kpeople-5.27.0-1.fc23 kf5-kplotting-5.27.0-1.fc23 kf5-kpty-5.27.0-4.fc23 kf5-kross-5.27.0-1.fc23 kf5-krunner-5.27.0-1.fc23 kf5-kservice-5.27.0-1.fc23 kf5-ktexteditor-5.27.0-1.fc23 kf5-ktextwidgets-5.27.0-1.fc23 kf5-kunitconversion-5.27.0-1.fc23 kf5-kwallet-5.27.0-1.fc23 kf5-kwayland-5.27.0-1.fc23 kf5-kwidgetsaddons-5.27.0-1.fc23 kf5-kwindowsystem-5.27.0-1.fc23 kf5-kxmlgui-5.27.0-1.fc23 kf5-kxmlrpcclient-5.27.0-1.fc23 kf5-modemmanager-qt-5.27.0-1.fc23 kf5-networkmanager-qt -5.27.0-1.fc23 kf5-plasma-5.27.0-1.fc23 kf5-solid-5.27.0-1.fc23 kf5-sonnet-5.27.0-1.fc23 kf5-threadweaver-5.27.0-1.fc23 oxygen-icon-theme-5.27.0-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b5b28b69e2 mod_perl-2.0.10-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8ec81aeba6 dbus-1.10.14-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79a059792b vim-8.0.104-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2cbcd602d firefox-50.0.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-75c323ccbe thunderbird-45.5.0-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c perl-DBD-MySQL-4.033-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a820774fc2 kernel-4.8.11-100.fc23 The following builds have been pushed to Fedora 23 updates-testing R-qtl-1.40.8-1.fc23 bodhi-0.9.12.2-4.fc23 deja-dup-34.3-1.fc23 distribution-gpg-keys-1.9-1.fc23 dmlite-0.8.4-1.fc23 email2trac-2.10.0-1.fc23 firefox-50.0.2-1.fc23 iftop-1.0-0.12.pre4.fc23 java-1.8.0-openjdk-1.8.0.111-4.b16.fc23 kernel-4.8.11-100.fc23 mcabber-1.0.4-1.fc23 mirmon-2.11-1.fc23 notmuch-0.23.3-1.fc23 perl-DBD-MySQL-4.033-4.fc23 perl-Perl-Critic-Pulp-92-1.fc23 php-punic-1.6.4-1.fc23 recoverjpeg-2.6.1-1.fc23 smb4k-1.2.2-1.fc23 thunderbird-45.5.0-1.fc23 tomcat-8.0.39-1.fc23 Details about builds: ================================================================================ R-qtl-1.40.8-1.fc23 (FEDORA-2016-fe60fec39a) Tools for analyzing QTL experiments -------------------------------------------------------------------------------- Update Information: Version 1.40, 2016-10-31 Major changes: - cim() now halts with an error for cross type "4way". The method has not been implemented for 4-way crosses, and the results are not meaningful. Minor changes: - Small change to the way Bayesian credible intervals are calculated by bayesint(), concerning the treatment of widths of intervals between positions. - Fix bug in switchAlleles() so that it works with cross type "bcsft" (and will give an appropriate error message for unsupported cross types). - sim.cross gives a warning if model is specified but not used (this is the case for RILs, where we've not implemented the simulation of QTL effects) - plot.pxg (aka plotPXG) passes ... to plot(), so now you can control the y-axis limits via ylim. - Fixed a problem with column names of output of scantwopermhk. -------------------------------------------------------------------------------- ================================================================================ bodhi-0.9.12.2-4.fc23 (FEDORA-2016-59cac52504) A modular framework that facilitates publishing software updates -------------------------------------------------------------------------------- Update Information: Add a requires on python2-dnf to the client -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366229 - Missing Requires python2-dnf https://bugzilla.redhat.com/show_bug.cgi?id=1366229 -------------------------------------------------------------------------------- ================================================================================ deja-dup-34.3-1.fc23 (FEDORA-2016-2de433006a) Simple backup tool and frontend for duplicity -------------------------------------------------------------------------------- Update Information: https://launchpad.net/deja-dup/+announcement/14368 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400115 - deja-dup-34.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1400115 -------------------------------------------------------------------------------- ================================================================================ distribution-gpg-keys-1.9-1.fc23 (FEDORA-2016-730aae3fa3) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: - add new Copr' keys - add Fedora 26 keys - add more CentOS 7 keys (aarch64, debug, SIGs, testing) -------------------------------------------------------------------------------- ================================================================================ dmlite-0.8.4-1.fc23 (FEDORA-2016-cadf273fc6) Lcgdm grid data management and storage framework -------------------------------------------------------------------------------- Update Information: * new upstrem release ---- * new upstream release ---- * new upstream release ---- * bug fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1384305 - dnf upgrade produces error msgs https://bugzilla.redhat.com/show_bug.cgi?id=1384305 -------------------------------------------------------------------------------- ================================================================================ email2trac-2.10.0-1.fc23 (FEDORA-2016-b21c35ed8d) Utilities for converting emails to trac tickets -------------------------------------------------------------------------------- Update Information: Update email2trac to the latest stable release. See the [upstream changelog](https://gitlab.com/surfsara/email2trac/blob/master/ChangeLog) for the full list of changes. -------------------------------------------------------------------------------- ================================================================================ firefox-50.0.2-1.fc23 (FEDORA-2016-d2cbcd602d) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - Update to new upstream (50.0.2) - fixes the 0-day vulnerability -------------------------------------------------------------------------------- ================================================================================ iftop-1.0-0.12.pre4.fc23 (FEDORA-2016-54fc3c907c) Command line tool that displays bandwidth usage on an interface -------------------------------------------------------------------------------- Update Information: - Added patch to fix broken MAC address output (#1063298, #1165349) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063298 - MAC address incorrectly displayed https://bugzilla.redhat.com/show_bug.cgi?id=1063298 -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.111-4.b16.fc23 (FEDORA-2016-e40387f6df) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: disabled accidentally enabled (not working) system security settings -------------------------------------------------------------------------------- ================================================================================ kernel-4.8.11-100.fc23 (FEDORA-2016-a820774fc2) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.8.11 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl https://bugzilla.redhat.com/show_bug.cgi?id=1395187 -------------------------------------------------------------------------------- ================================================================================ mcabber-1.0.4-1.fc23 (FEDORA-2016-7da97a3914) Console Jabber instant messaging client -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397220 - mcabber-1.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1397220 -------------------------------------------------------------------------------- ================================================================================ mirmon-2.11-1.fc23 (FEDORA-2016-f6d818fc00) Monitor the status of mirrors -------------------------------------------------------------------------------- Update Information: New upstream vesion, 2.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359445 - mirmon-2.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1359445 -------------------------------------------------------------------------------- ================================================================================ notmuch-0.23.3-1.fc23 (FEDORA-2016-47e0499b0d) System for indexing, searching, and tagging email -------------------------------------------------------------------------------- Update Information: Latest upstream: https://notmuchmail.org/news/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396859 - notmuch-0.23.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1396859 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-MySQL-4.033-4.fc23 (FEDORA-2016-bf6c3ea62c) A MySQL interface for Perl -------------------------------------------------------------------------------- Update Information: This release fixes CVE-2016-1249 (out-of-bound read when using server-side prepared statements) and CVE-2016-1251 vulnerability (a use after free when using prepared statements). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support https://bugzilla.redhat.com/show_bug.cgi?id=1395591 [ 2 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements https://bugzilla.redhat.com/show_bug.cgi?id=1399580 -------------------------------------------------------------------------------- ================================================================================ perl-Perl-Critic-Pulp-92-1.fc23 (FEDORA-2016-177bbd6ad1) Some add-on perlcritic policies -------------------------------------------------------------------------------- Update Information: This release restores compatibility with old perls. We deliver it only to provide up-to-date version string. ---- This release allows =cut directive without a blank line before. It also accepts example.com URLs. In addition, documentation was improved. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400224 - perl-Perl-Critic-Pulp-92 is available https://bugzilla.redhat.com/show_bug.cgi?id=1400224 [ 2 ] Bug #1398478 - perl-Perl-Critic-Pulp-91 is available https://bugzilla.redhat.com/show_bug.cgi?id=1398478 -------------------------------------------------------------------------------- ================================================================================ php-punic-1.6.4-1.fc23 (FEDORA-2016-a8871a95b6) PHP-Unicode CLDR -------------------------------------------------------------------------------- Update Information: ## v1.6.4 * Fix edge case when `\Collator` is an alias of `\Symfony\Component\Intl\Collator\Collator` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397224 - php-punic-1.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1397224 -------------------------------------------------------------------------------- ================================================================================ recoverjpeg-2.6.1-1.fc23 (FEDORA-2016-67fd1d6c2f) Recover JPEG pictures and MOV movies from damaged devices -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1394479 - recoverjpeg-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1394479 -------------------------------------------------------------------------------- ================================================================================ smb4k-1.2.2-1.fc23 (FEDORA-2016-8f80a57d82) The SMB/CIFS Share Browser for KDE -------------------------------------------------------------------------------- Update Information: New upstream vesion, 1.2.2 -------------------------------------------------------------------------------- ================================================================================ thunderbird-45.5.0-1.fc23 (FEDORA-2016-75c323ccbe) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: For changes see: https://www.mozilla.org/en-US/thunderbird/45.5.0/releasenotes/ -------------------------------------------------------------------------------- ================================================================================ tomcat-8.0.39-1.fc23 (FEDORA-2016-9c33466fbb) Apache Servlet/JSP Engine, RI for Servlet 3.1/JSP 2.3 API -------------------------------------------------------------------------------- Update Information: This updates includes a rebase from tomcat 8.0.38 up to 8.0.39 which resolves multiple CVEs: * \#1397493 - CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397493 - CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1397493 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
