The following Fedora 23 Security updates need testing: Age URL 446 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 404 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 377 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 327 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 327 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 123 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 116 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 100 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23 65 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 58 https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651 compat-guile18-1.8.8-14.fc23 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63 nodejs-0.10.48-1.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5afe06026b jenkins-1.625.3-5.fc23 jenkins-remoting-2.62.3-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4896f20b3 roundcubemail-1.2.3-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c perl-DBD-MySQL-4.033-4.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7da97a3914 mcabber-1.0.4-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c33466fbb tomcat-8.0.39-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a400e4cd90 thunderbird-45.5.1-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c32bae671 php-simplesamlphp-saml2-2.3.3-1.fc23 php-simplesamlphp-saml2_1-1.10.3-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-30077d1b37 ipsilon-2.0.2-2.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5ff0ed40c lxc-2.0.6-2.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3c01772ff6 httpd-2.4.23-5.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad9307ce0 gd-2.1.1-11.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7eea952041 golang-1.5.4-5.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-570c603276 openjpeg2-2.1.2-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f5d42d2d8 mingw-openjpeg2-2.1.2-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad82c71a1b dovecot-2.2.27-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98aed7ae50 libgsf-1.14.33-3.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 143 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 116 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 77 https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e python-virtkey-0.63.0-1.fc23 70 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a koji-1.10.1-13.fc23 65 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0 ca-certificates-2016.2.10-1.0.fc23 49 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42 nspr-4.13.1-1.fc23 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0906f64ec8 rpm-4.13.0-1.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03d76071b6 nss-3.27.0-1.3.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8ec81aeba6 dbus-1.10.14-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c perl-DBD-MySQL-4.033-4.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6064f86234 vim-8.0.118-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a400e4cd90 thunderbird-45.5.1-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ac1042dfcc libbluray-0.9.3-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad9307ce0 gd-2.1.1-11.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3c01772ff6 httpd-2.4.23-5.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-09abe47360 boost-1.58.0-12.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ecaf251f6 poppler-data-0.4.7-5.fc23 The following builds have been pushed to Fedora 23 updates-testing 64tass-1.52.1237-1.fc23 boost-1.58.0-12.fc23 dovecot-2.2.27-1.fc23 inxi-2.3.5-1.fc23 knot-2.3.3-1.fc23 libabigail-1.0-0.8.rc6.4.fc23 libgsf-1.14.33-3.fc23 pcre2-10.21-10.fc23 perl-iCal-Parser-1.21-1.fc23 poppler-data-0.4.7-5.fc23 python-requestbuilder-0.7.1-1.fc23 tor-0.2.8.11-1.fc23 valabind-0.10.0-1.fc23 zile-2.4.13-1.fc23 Details about builds: ================================================================================ 64tass-1.52.1237-1.fc23 (FEDORA-2016-ce2323d88e) 6502 assembler -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 1.52.1237, fixes rhbz #1063717 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063717 - 64tass-1.52.1237 is available https://bugzilla.redhat.com/show_bug.cgi?id=1063717 -------------------------------------------------------------------------------- ================================================================================ boost-1.58.0-12.fc23 (FEDORA-2016-09abe47360) The free peer-reviewed portable C++ source libraries -------------------------------------------------------------------------------- Update Information: The Boost libraries have been updated to fix compilation errors when using `boost::asio::use_future`. A bug in the C++ standard library shipped with Fedora caused an incompatibility with part of Boost.Asio. The fix for that bug is not included in Fedora yet, so the Boost packages have been rebuilt to include a workaround taken from the latest Boost release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403165 - boost::asio::use_future can't be used on Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1403165 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.27-1.fc23 (FEDORA-2016-ad82c71a1b) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set. - director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag's hosts. - Index files may have been thought incorrectly lost, causing "Missing middle file seq=.." to be logged and index rebuild. This happened more easily with IMAP hibernation enabled. - Various fixes to restoring state correctly in un-hibernation. - dovecot.index files were commonly 4 bytes per email too large. This is because 3 bytes per email were being wasted that could have been used for IMAP keywords. - Various fixes to handle dovecot.list.index corruption better. - lib-fts: Fixed assert-crash in address tokenizer with specific input. - Fixed assert-crash in HTML to text parsing with specific input (e.g. for FTS indexing or snippet generation) - doveadm sync -1: Fixed handling mailbox GUID conflicts. - sdbox, mdbox: Perform full index rebuild if corruption is detected inside lib-index, which runs index fsck. - quota: Don't skip quota checks when moving mails between different quota roots. - search: Multiple sequence sets or UID sets in search parameters weren't handled correctly. They were incorrectly merged together. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401025 - CVE-2016-8652 dovecot: Remote crash when auth-policy component is activated [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1401025 -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.5-1.fc23 (FEDORA-2016-3c78a98d80) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.5. -------------------------------------------------------------------------------- ================================================================================ knot-2.3.3-1.fc23 (FEDORA-2016-447658ae1b) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ libabigail-1.0-0.8.rc6.4.fc23 (FEDORA-2016-1722c27046) Set of ABI analysis tools -------------------------------------------------------------------------------- Update Information: Fix upstream bug - Fix aborting when reading .foo symbols from a ppc64 binary ---- Fix upstream Bug 20927 - Segfault when abidiff is invoked with $HOME not set ---- Fix an issue where some suppressed diff nodes are still visible in change reports ---- Update to upstream 1.0.rc6 tarball -------------------------------------------------------------------------------- References: [ 1 ] Bug #1352547 - Missing pyxdg as Requires in libabigail-1.0-0.8.rc5.3.fc24 https://bugzilla.redhat.com/show_bug.cgi?id=1352547 [ 2 ] Bug #19658 - None https://bugzilla.redhat.com/show_bug.cgi?id=19658 -------------------------------------------------------------------------------- ================================================================================ libgsf-1.14.33-3.fc23 (FEDORA-2016-98aed7ae50) GNOME Structured File library -------------------------------------------------------------------------------- Update Information: * Security fix for CVE-2016-9888 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403198 - CVE-2016-9888 libgsf: Null pointer dereference in tar_directory_for_file() https://bugzilla.redhat.com/show_bug.cgi?id=1403198 -------------------------------------------------------------------------------- ================================================================================ pcre2-10.21-10.fc23 (FEDORA-2016-971905fc6f) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes "pcre2-config --libs-posix" output, a memory leak in pcre2test tool, a buffer overflow in the library when partial-matching for CR-LF in an empty buffer and a crash in pcre2test tool when diplaying wide characters. -------------------------------------------------------------------------------- ================================================================================ perl-iCal-Parser-1.21-1.fc23 (FEDORA-2016-93431904d1) Parse iCalendar files into a data structure -------------------------------------------------------------------------------- Update Information: This release fixes various parser failures. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403038 - perl-iCal-Parser-1.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1403038 -------------------------------------------------------------------------------- ================================================================================ poppler-data-0.4.7-5.fc23 (FEDORA-2016-6ecaf251f6) Encoding files -------------------------------------------------------------------------------- Update Information: Simple rebuild to fix paths for ghostscript, no changes in behaviour expected. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402306 - Can't find CMap Identity-UTF16-H https://bugzilla.redhat.com/show_bug.cgi?id=1402306 -------------------------------------------------------------------------------- ================================================================================ python-requestbuilder-0.7.1-1.fc23 (FEDORA-2016-e185ddfe2c) Command line-driven HTTP request builder -------------------------------------------------------------------------------- Update Information: This update fixes bugs in configuration file handling and commands' help output formatting. It also adds a NOTICE logging level. -------------------------------------------------------------------------------- ================================================================================ tor-0.2.8.11-1.fc23 (FEDORA-2016-4d0abbf814) Anonymizing overlay network for TCP -------------------------------------------------------------------------------- Update Information: update to upstream release 0.2.8.11 ---- update to upstream release 0.2.8.10 -------------------------------------------------------------------------------- ================================================================================ valabind-0.10.0-1.fc23 (FEDORA-2016-64a9668e05) Transform vala or vapi files into swig, C++, NodeJS-ffi, or GIR -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 0.10.0, fixes rhbz #1310921 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1310921 - valabind-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310921 -------------------------------------------------------------------------------- ================================================================================ zile-2.4.13-1.fc23 (FEDORA-2016-87a05cd95f) Zile Is Lossy Emacs -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 2.4.13, fixes rhbz #1385997 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1385997 - zile-2.4.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1385997 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
