The following Fedora 23 Security updates need testing: Age URL 193 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 151 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 124 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 75 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 74 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 63 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 39 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 28 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e4408f350 squid-3.5.10-1.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d7dafbf27f python-tgcaptcha2-0.3.1-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0fb6577f07 vtun-3.0.3-15.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-df2529c86c python-rsa-3.4.1-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b05672c54f libmaxminddb-1.2.0-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d5b1b498f xen-4.5.2-10.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b7f1f8e3bf mercurial-3.5.2-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-de909cc333 xstream-1.4.9-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b9368247d4 latex2rtf-2.3.10-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cf1b49047 php-5.6.20-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-858277b967 fuse-encfs-1.8.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e602c0e5e kernel-4.4.6-301.fc23
The following Fedora 23 Critical Path updates have yet to be approved: Age URL 63 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d8dbbc4b73 kde-settings-23-11.fc23.1 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5d2823c643 breeze-icon-theme-5.20.0-1.fc23 extra-cmake-modules-5.20.0-1.fc23 kactivitymanagerd-5.5.0-1.fc23 kf5-5.20.0-1.fc23 kf5-attica-5.20.0-1.fc23 kf5-baloo-5.20.0-1.fc23 kf5-bluez-qt-5.20.0-1.fc23 kf5-frameworkintegration-5.20.0-2.fc23 kf5-kactivities-5.20.0-2.fc23 kf5-kapidox-5.20.0-1.fc23 kf5-karchive-5.20.0-1.fc23 kf5-kauth-5.20.0-1.fc23 kf5-kbookmarks-5.20.0-1.fc23 kf5-kcmutils-5.20.0-1.fc23 kf5-kcodecs-5.20.0-1.fc23 kf5-kcompletion-5.20.0-1.fc23 kf5-kconfig-5.20.0-1.fc23 kf5-kconfigwidgets-5.20.0-1.fc23 kf5-kcoreaddons-5.20.0-1.fc23 kf5-kcrash-5.20.0-1.fc23 kf5-kdbusaddons-5.20.0-1.fc23 kf5-kdeclarative-5.20.0-1.fc23 kf5-kded-5.20.0-1.fc23 kf5-kdelibs4support-5.20.0-1.fc23 kf5-kdesignerplugin-5.20.0-1.fc23 kf5-kdesu-5.20.0-1.fc23 kf5-kdewebkit-5.20.0-1.fc23 kf5-kdnssd-5.20.0-1.fc23 kf5-kdoctools-5.20.0-1.fc23 kf5-kemoticons-5.20.0-1.fc23 kf5-kfilemetadata-5.20.0-1.fc23 kf5-kglobalaccel-5.20.0-1.fc23 kf5-kgu iaddons- 5.20.0-1.fc23 kf5-khtml-5.20.0-1.fc23 kf5-ki18n-5.20.0-1.fc23 kf5-kiconthemes-5.20.0-1.fc23 kf5-kidletime-5.20.0-1.fc23 kf5-kimageformats-5.20.0-1.fc23 kf5-kinit-5.20.0-1.fc23 kf5-kio-5.20.0-1.fc23 kf5-kitemmodels-5.20.0-1.fc23 kf5-kitemviews-5.20.0-1.fc23 kf5-kjobwidgets-5.20.0-1.fc23 kf5-kjs-5.20.0-1.fc23 kf5-kjsembed-5.20.0-1.fc23 kf5-kmediaplayer-5.20.0-1.fc23 kf5-knewstuff-5.20.0-1.fc23 kf5-knotifications-5.20.0-2.fc23 kf5-knotifyconfig-5.20.0-1.fc23 kf5-kpackage-5.20.0-1.fc23 kf5-kparts-5.20.0-1.fc23 kf5-kpeople-5.20.0-1.fc23 kf5-kplotting-5.20.0-1.fc23 kf5-kpty-5.20.0-1.fc23 kf5-kross-5.20.0-1.fc23 kf5-krunner-5.20.0-1.fc23 kf5-kservice-5.20.0-1.fc23 kf5-ktexteditor-5.20.0-2.fc23 kf5-ktextwidgets-5.20.0-1.fc23 kf5-kunitconversion-5.20.0-1.fc23 kf5-kwallet-5.20.0-1.fc23 kf5-kwidgetsaddons-5.20.0-1.fc23 kf5-kwindowsystem-5.20.0-1.fc23 kf5-kxmlgui-5.20.0-1.fc23 kf5-kxmlrpcclient-5.20.0-1.fc23 kf5-modemmanager-qt-5.20.0-1.fc23 kf5-networkmanager-qt-5.20.0-1.fc23 kf5-plasm a-5.20.0 -1.fc23 kf5-solid-5.20.0-1.fc23 kf5-sonnet-5.20.0-1.fc23 kf5-threadweaver-5.20.0-1.fc23 oxygen-icon-theme-5.20.0-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6d6d4d8f8 ntfs-3g-2016.2.22-1.fc23 testdisk-7.0-7.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86fd9bc8c4 pungi-4.0.11-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7190703cf1 lorax-23.20-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cdba6b1c7 selinux-policy-3.13.1-158.12.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e693afc7d baloo-widgets-15.12.3-1.fc23 dolphin-15.12.3-1.fc23 kate-15.12.3-1.fc23 konsole5-15.12.3-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e7216423d2 parted-3.2-17.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5138079046 alsa-tools-1.1.0-2.fc23 alsa-plugins-1.1.1-1.fc23 alsa-utils-1.1.1-1.fc23 alsa-lib-1.1.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e602c0e5e kernel-4.4.6-301.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bbba3bf922 ModemManager-1.4.14-1.fc23 libmbim-1.12.4-2.fc23 libqmi-1.12.10-1.fc23
The following builds have been pushed to Fedora 23 updates-testing
ModemManager-1.4.14-1.fc23 alsa-lib-1.1.1-1.fc23 alsa-plugins-1.1.1-1.fc23 alsa-tools-1.1.0-2.fc23 alsa-utils-1.1.1-1.fc23 android-tools-20160327git3761365735de-1.fc23 archlinux-keyring-20160215-1.fc23 fedfind-2.4.3-1.fc23 fonttools-3.0-4.fc23 fuse-encfs-1.8.1-1.fc23 gnome-chemistry-utils-0.14.12-1.fc23 gnumeric-1.12.28-1.fc23 goffice-0.10.28-1.fc23 javapackages-tools-4.6.0-8.fc23 kernel-4.4.6-301.fc23 latex2rtf-2.3.10-1.fc23 libbson-1.3.5-1.fc23 libmbim-1.12.4-2.fc23 libqmi-1.12.10-1.fc23 mongodb-3.0.10-2.fc23 nfs-ganesha-2.3.1-3.fc23 pacman-5.0.1-1.fc23 php-5.6.20-1.fc23 php-composer-semver-1.4.0-1.fc23 php-doctrine-doctrine-cache-bundle-1.3.0-1.fc23 plasma-workspace-5.5.5-5.fc23 proxytunnel-1.9.1-1.fc23 python-wikitcms-2.1.4-1.fc23 subscription-manager-1.17.4-1.fc23 trustedqsl-2.2.1-1.fc23 uispec4j-2.5-0.2.20150412gitfdc0b42.fc23 xen-4.5.3-1.fc23
Details about builds:
================================================================================ ModemManager-1.4.14-1.fc23 (FEDORA-2016-bbba3bf922) Mobile broadband modem management service -------------------------------------------------------------------------------- Update Information:
Update to ModemManager 1.4.14 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in the log https://bugzilla.redhat.com/show_bug.cgi?id=1010538 [ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port https://bugzilla.redhat.com/show_bug.cgi?id=972335 [ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when using MBIM https://bugzilla.redhat.com/show_bug.cgi?id=1304814 --------------------------------------------------------------------------------
================================================================================ alsa-lib-1.1.1-1.fc23 (FEDORA-2016-5138079046) The Advanced Linux Sound Architecture (ALSA) library -------------------------------------------------------------------------------- Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0). --------------------------------------------------------------------------------
================================================================================ alsa-plugins-1.1.1-1.fc23 (FEDORA-2016-5138079046) The Advanced Linux Sound Architecture (ALSA) Plugins -------------------------------------------------------------------------------- Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0). --------------------------------------------------------------------------------
================================================================================ alsa-tools-1.1.0-2.fc23 (FEDORA-2016-5138079046) Specialist tools for ALSA -------------------------------------------------------------------------------- Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0). --------------------------------------------------------------------------------
================================================================================ alsa-utils-1.1.1-1.fc23 (FEDORA-2016-5138079046) Advanced Linux Sound Architecture (ALSA) utilities -------------------------------------------------------------------------------- Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0). --------------------------------------------------------------------------------
================================================================================ android-tools-20160327git3761365735de-1.fc23 (FEDORA-2016-f21852d13b) Android platform tools(adb, fastboot) -------------------------------------------------------------------------------- Update Information:
- Update to upstream git commit 3761365735de - Resolves: rhbz#1278769 rhbz#1318099 Migrate to ruby generate_build. Support new versions -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1318099 - android-tools severely needs update https://bugzilla.redhat.com/show_bug.cgi?id=1318099 [ 2 ] Bug #1306107 - [abrt] android-tools: write_all_blocks(): fastboot killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1306107 [ 3 ] Bug #1278769 - latest fastboot required to unlock Nexus 6P (and maybe 5X) https://bugzilla.redhat.com/show_bug.cgi?id=1278769 --------------------------------------------------------------------------------
================================================================================ archlinux-keyring-20160215-1.fc23 (FEDORA-2016-151ea289e2) GPG keys used by Arch distribution to sign packages -------------------------------------------------------------------------------- Update Information:
Update to latest version. Previous versions of pacman will stop working with new packages after April 23rd https://www.archlinux.org/news/required-update-to- pacman-501-before-2016-04-23/. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308758 - archlinux-keyring-20160215 is available https://bugzilla.redhat.com/show_bug.cgi?id=1308758 [ 2 ] Bug #1311111 - pacman-5.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1311111 --------------------------------------------------------------------------------
================================================================================ fedfind-2.4.3-1.fc23 (FEDORA-2016-cb0556c0f6) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information:
This update provides the latest releases of [python- wikitcms](https://www.happyassassin.net/wikitcms) and [fedfind](https://www.happyassassin.net/fedfind). The wikitcms release drops a now-unneeded workaround for a missing PDC feature which was now implemented (and enables tests in the package); the fedfind update *adds* a workaround for a newly-discovered [PDC issue](https://github.com/fedora-infra/pdc- updater/issues/10) (ironically, along the same lines). This will fix an issue with automated creation of release validation test events. It also restores support for 'milestone' releases (i.e. Alphas and Betas). --------------------------------------------------------------------------------
================================================================================ fonttools-3.0-4.fc23 (FEDORA-2016-f3240920b0) A tool to convert True/OpenType fonts to XML and back -------------------------------------------------------------------------------- Update Information:
Resolves:rh#1240265- fonttools 2.5 takes too much memory -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1240265 - fonttools 2.5 takes too much memory https://bugzilla.redhat.com/show_bug.cgi?id=1240265 --------------------------------------------------------------------------------
================================================================================ fuse-encfs-1.8.1-1.fc23 (FEDORA-2016-858277b967) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information:
Update to 1.8.1. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1119122 - fuse-encfs is missing from EPEL 7 https://bugzilla.redhat.com/show_bug.cgi?id=1119122 [ 2 ] Bug #1097540 - fuse-encfs: multiple cryptography issues [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1097540 [ 3 ] Bug #906390 - Man page does not mention ENCFS6_CONFIG variable name. https://bugzilla.redhat.com/show_bug.cgi?id=906390 [ 4 ] Bug #1307518 - fuse-encfs: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307518 [ 5 ] Bug #1234255 - New version available - 1.8.1 https://bugzilla.redhat.com/show_bug.cgi?id=1234255 --------------------------------------------------------------------------------
================================================================================ gnome-chemistry-utils-0.14.12-1.fc23 (FEDORA-2016-9afe8ad335) A set of chemical utilities -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and gnome-chemistry-utils: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html * http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html --------------------------------------------------------------------------------
================================================================================ gnumeric-1.12.28-1.fc23 (FEDORA-2016-9afe8ad335) Spreadsheet program for GNOME -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and gnome-chemistry-utils: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html * http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html --------------------------------------------------------------------------------
================================================================================ goffice-0.10.28-1.fc23 (FEDORA-2016-9afe8ad335) G Office support libraries -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and gnome-chemistry-utils: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html * http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html --------------------------------------------------------------------------------
================================================================================ javapackages-tools-4.6.0-8.fc23 (FEDORA-2016-2e49e6c66e) Macros and scripts for Java packaging support -------------------------------------------------------------------------------- Update Information:
Add missing dependency on findutils (thanks Tatsuyuki Ishi) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1321401 - Missing dependency: findutils https://bugzilla.redhat.com/show_bug.cgi?id=1321401 --------------------------------------------------------------------------------
================================================================================ kernel-4.4.6-301.fc23 (FEDORA-2016-7e602c0e5e) The Linux kernel -------------------------------------------------------------------------------- Update Information:
This is an incremental update for a set of bugzillas in the kernel -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1315711 - CVE-2016-3157 kernel: xen: Privilege escalation on 64-bit Xen PV domains with IO port access privileges (XSA-171) https://bugzilla.redhat.com/show_bug.cgi?id=1315711 [ 2 ] Bug #1317007 - CVE-2016-3136 kernel: Crash on invalid USB device descriptors (mct_u232 driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317007 [ 3 ] Bug #1317017 - CVE-2016-2187 kernel: Kernel panic on invalid USB device descriptor (gtco driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317017 [ 4 ] Bug #1316995 - CVE-2016-3140 kernel: Crash on invalid USB device descriptors (digi_acceleport driver) https://bugzilla.redhat.com/show_bug.cgi?id=1316995 [ 5 ] Bug #1316204 - CVE-2016-3138 kernel: Crash on invalid USB device descriptors (cdc_acm driver) https://bugzilla.redhat.com/show_bug.cgi?id=1316204 [ 6 ] Bug #1317014 - CVE-2016-2185 kernel: Kernel panic on invalid USB device descriptor (ati_remote2 driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317014 [ 7 ] Bug #1317018 - CVE-2016-2188 kernel: Kernel panic on invalid USB device descriptor (iowarrior driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317018 [ 8 ] Bug #1317015 - CVE-2016-2186 kernel: Kernel panic on invalid USB device descriptor (powermate driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317015 [ 9 ] Bug #1316996 - CVE-2016-3137 kernel: Crash on invalid USB device descriptors (cypress_m8 driver) https://bugzilla.redhat.com/show_bug.cgi?id=1316996 [ 10 ] Bug #1317012 - CVE-2016-2184 kernel: Kernel panic on invalid USB device descriptor (snd_usb_audio driver) https://bugzilla.redhat.com/show_bug.cgi?id=1317012 --------------------------------------------------------------------------------
================================================================================ latex2rtf-2.3.10-1.fc23 (FEDORA-2016-b9368247d4) LaTeX to RTF converter that handles equations, figures, and cross-references -------------------------------------------------------------------------------- Update Information:
Update to 2.3.10 for CVE-2015-8106 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1282492 - CVE-2015-8106 latex2rtf: Format string vulnerability in CmdKeywords https://bugzilla.redhat.com/show_bug.cgi?id=1282492 --------------------------------------------------------------------------------
================================================================================ libbson-1.3.5-1.fc23 (FEDORA-2016-08d3d4a04b) Building, parsing, and iterating BSON documents -------------------------------------------------------------------------------- Update Information:
There are no changes in the code. We deliver this release only because of the new version string. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1322634 - libbson-1.3.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1322634 --------------------------------------------------------------------------------
================================================================================ libmbim-1.12.4-2.fc23 (FEDORA-2016-bbba3bf922) Support library for the Mobile Broadband Interface Model protocol -------------------------------------------------------------------------------- Update Information:
Update to ModemManager 1.4.14 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in the log https://bugzilla.redhat.com/show_bug.cgi?id=1010538 [ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port https://bugzilla.redhat.com/show_bug.cgi?id=972335 [ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when using MBIM https://bugzilla.redhat.com/show_bug.cgi?id=1304814 --------------------------------------------------------------------------------
================================================================================ libqmi-1.12.10-1.fc23 (FEDORA-2016-bbba3bf922) Support library to use the Qualcomm MSM Interface (QMI) protocol -------------------------------------------------------------------------------- Update Information:
Update to ModemManager 1.4.14 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in the log https://bugzilla.redhat.com/show_bug.cgi?id=1010538 [ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port https://bugzilla.redhat.com/show_bug.cgi?id=972335 [ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when using MBIM https://bugzilla.redhat.com/show_bug.cgi?id=1304814 --------------------------------------------------------------------------------
================================================================================ mongodb-3.0.10-2.fc23 (FEDORA-2016-ad367c57b0) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information:
MongoDB now use -O2 instead of -O3 which caused segfault on ARM. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1303864 - mongod crashes on armv7hl https://bugzilla.redhat.com/show_bug.cgi?id=1303864 --------------------------------------------------------------------------------
================================================================================ nfs-ganesha-2.3.1-3.fc23 (FEDORA-2016-fb412711f6) NFS Server running in user space -------------------------------------------------------------------------------- Update Information:
w/ nfs-ganesha-config.service --------------------------------------------------------------------------------
================================================================================ pacman-5.0.1-1.fc23 (FEDORA-2016-151ea289e2) Package manager for the Arch distribution -------------------------------------------------------------------------------- Update Information:
Update to latest version. Previous versions of pacman will stop working with new packages after April 23rd https://www.archlinux.org/news/required-update-to- pacman-501-before-2016-04-23/. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308758 - archlinux-keyring-20160215 is available https://bugzilla.redhat.com/show_bug.cgi?id=1308758 [ 2 ] Bug #1311111 - pacman-5.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1311111 --------------------------------------------------------------------------------
================================================================================ php-5.6.20-1.fc23 (FEDORA-2016-1cf1b49047) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support MKCALENDAR request method). (Christoph) **Core:** * Fixed bug php#71596 (Segmentation fault on ZTS with date function (setlocale)). (Anatol) **Curl:** * Fixed bug php#71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) **Date:** * Fixed bug php#71635 (DatePeriod::getEndDate segfault). (Thomas Punt) **Fileinfo:** * Fixed bug php#71527 (Buffer over-write in finfo_open with malformed magic file). (Anatol) **Mbstring:** * Fixed bug php#71906 (AddressSanitizer: negative-size-param (-1) in mbfl_strcut). (Stas) **ODBC:** * Fixed bug php#47803, php#69526 (Executing prepared statements is succesfull only for the first two statements). (einavitamar, Anatol) * Fixed bug php#71860 (Invalid memory write in phar on filename with \0 in name). (Stas) **PDO_DBlib:** * Fixed bug php#54648 (PDO::MSSQL forces format of datetime fields). (steven, Anatol) **Phar:** * Fixed bug php#71625 (Crash in php7.dll with bad phar filename). (Anatol) * Fixed bug php#71504 (Parsing of tar file with duplicate filenames causes memory leak). (Jos Elstgeest) **SNMP:** * Fixed bug php#71704 (php_snmp_error() Format String Vulnerability). (andrew) **Standard** * Fixed bug php#71798 (Integer Overflow in php_raw_url_encode). (taoguangchen, Stas) --------------------------------------------------------------------------------
================================================================================ php-composer-semver-1.4.0-1.fc23 (FEDORA-2016-607f1d4c33) Semver library that offers utilities, version constraint parsing and validation -------------------------------------------------------------------------------- Update Information:
**Version 1.4.0** * Added: getters on MultiConstraint --------------------------------------------------------------------------------
================================================================================ php-doctrine-doctrine-cache-bundle-1.3.0-1.fc23 (FEDORA-2016-5db095b1a3) Symfony2 Bundle for Doctrine Cache -------------------------------------------------------------------------------- Update Information:
### 1.3.0 * Added apcu driver * Added predis driver * Fixed mangling issue with memcache driver * Reorganized documentation * Added persistent id to memcache driver ### 1.2.2 * Made Symfony Security ACL an optional dependency ### 1.2.1 * Relaxed Symfony requirements allowing old installs ### 1.2.0 * Fixes [#47](https://github.com/doctrine/DoctrineCacheBundle/pull/47) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1279828 - php-doctrine-doctrine-cache-bundle-1.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1279828 --------------------------------------------------------------------------------
================================================================================ plasma-workspace-5.5.5-5.fc23 (FEDORA-2016-c38859cb6a) Plasma workspace, applications and applets -------------------------------------------------------------------------------- Update Information:
- drop Requires: sddm-breeze (workaround for bug #1261034) --------------------------------------------------------------------------------
================================================================================ proxytunnel-1.9.1-1.fc23 (FEDORA-2016-5b17da9f49) Tool to tunnel a connection through an standard HTTP(S) proxy -------------------------------------------------------------------------------- Update Information:
Update to current upstream release, and add support for modern TLS protocols, needed to communicate with current Fedora mod_ssl default configurations. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1284776 - [PATCH] TLS Protocols not supported https://bugzilla.redhat.com/show_bug.cgi?id=1284776 [ 2 ] Bug #1239800 - proxytunnel: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1239800 --------------------------------------------------------------------------------
================================================================================ python-wikitcms-2.1.4-1.fc23 (FEDORA-2016-cb0556c0f6) Fedora QA wiki test management Python library -------------------------------------------------------------------------------- Update Information:
This update provides the latest releases of [python- wikitcms](https://www.happyassassin.net/wikitcms) and [fedfind](https://www.happyassassin.net/fedfind). The wikitcms release drops a now-unneeded workaround for a missing PDC feature which was now implemented (and enables tests in the package); the fedfind update *adds* a workaround for a newly-discovered [PDC issue](https://github.com/fedora-infra/pdc- updater/issues/10) (ironically, along the same lines). This will fix an issue with automated creation of release validation test events. It also restores support for 'milestone' releases (i.e. Alphas and Betas). --------------------------------------------------------------------------------
================================================================================ subscription-manager-1.17.4-1.fc23 (FEDORA-2016-b2c8c39135) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information:
Bug fix for duplicate display of proxy configuration dialog in GUI. --------------------------------------------------------------------------------
================================================================================ trustedqsl-2.2.1-1.fc23 (FEDORA-2016-9efd9bc50c) TrustedQSL ham-radio applications -------------------------------------------------------------------------------- Update Information:
TQSL changes Defects Corrected: When installing a .TQ6 file succeeded, TQSL would delete any other certificate files for that callsign, under the assumption that they were no longer needed. If an operator with a pending callsign certificate request would then install a TQ6 file for their former callsign certificate (one that was being renewed), the private key for the pending renewal could be deleted. This would cause the subsequent TQ6 file to fail to install. TQSL no longer deletes anything unless it can verfify on-line with LoTW that the installed certificate is the current one. When uploading logs, TQSL would always display the progress bar. This should not have been done when signing via the command line when batch mode (-x or -q) was enabled. TQSL 2.2.1 no longer displays the progress bar for these operations. When using the language selection dialog, TQSL could cause the main window to close and re- appear on a different area of the screen. The window location is now preserved when the language is changed. In addition, TQSL doesn't destroy and re-create the main window when the language is not changed. Updating the LoTW configuration file could fail if the user's home directory contained non-ASCII characters (Windows only). TQSL now handles this properly for such users. TQSL now ensures that the password prompt window appears on top of other windows when a password is requested while signing a log. This will cause the main TQSL window to appear along with the password prompt. No change will be seen if there is no password set on the associated callsign certificate. TQSL would reject Cabrillo "Light" mode QSOs (300 GHz) as having an invalid frequency. TQSL now accepts these as valid. TQSL could misinterpret unrecognized ADIF MODE/SUBMODE entries in an ADIF file by not using the user���s ADIF mode settings. TQSL now will use the mode maps when a mode/submode is not recognized. There was a defect on OSX that would cause an incorrect error message to be displayed when an incorrect password was entered for a callsign certificate. TQSL now displays an appropriate error message in this circumstance. Restoring an incorrect .TQ6 file when there was a pending callsign certificate request could cause the pending request to be deleted. TQSL now rejects the invalid TQ6 file and takes no other action. Major feature Additions: The callsign certificate properties displays now include "Replaced" and "Expired" indicators. TQSL now attempts to cleanly close out the duplicates database when the window is closed while a signing operation is underway. TQSL now allows an alternate layout for the user interface that moves the status log to a separate tab. This is useful for users with long lists of station locations or callsign certificates. The TQSL duplicate QSO tracking was updated to allow reporting of station location changes when the same QSO is signed from more than one station location. This makes it less likely that an operator will mistakenly re-upload an already QSLd contact with incorrect station location information. The TQSL ADIF editor was updated to automatically select the appropriate band when a frequency is entered. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1304113 - trustedqsl-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1304113 --------------------------------------------------------------------------------
================================================================================ uispec4j-2.5-0.2.20150412gitfdc0b42.fc23 (FEDORA-2016-c44e5407a7) Java/Swing GUI testing made simple -------------------------------------------------------------------------------- Update Information:
initial package, rhbz#1305650 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1305650 - Review Request: uispec4j - Java/Swing GUI testing made simple https://bugzilla.redhat.com/show_bug.cgi?id=1305650 --------------------------------------------------------------------------------
================================================================================ xen-4.5.3-1.fc23 (FEDORA-2016-e5432ca977) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information:
update to 4.5.3 --------------------------------------------------------------------------------