The following Fedora 23 Security updates need testing: Age URL 346 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 304 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 277 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 227 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 227 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 192 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 68 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547 nodejs-0.10.46-1.fc23 46 https://bodhi.fedoraproject.org/updates/FEDORA-2016-70b5173c05 ecryptfs-utils-111-1.fc23 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa394a130e nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b1a36cccc8 389-ds-base-1.3.4.14-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5aa6973100 jasper-1.900.1-33.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9e951386e ca-certificates-2016.2.9-1.0.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47dc2b203f firewalld-0.4.3.3-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b4ecfa79f libgcrypt-1.6.6-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e55114267 lcms2-2.8-2.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dde780b8 glibc-2.22-18.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a0195918f gnupg-1.4.21-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-00ffbe6f4c canl-c-2.1.7-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d349b1c5f1 ganglia-3.7.2-10.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d957ffbac1 webkitgtk4-2.12.4-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e4de8210 phpMyAdmin-4.6.4-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce1678471e mediawiki-1.26.4-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-db62a2d5a6 libksba-1.3.5-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f1adaaadc6 kernel-4.7.2-101.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a36663643 krb5-1.14.3-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1f2444f878 vdsm-4.18.999-440.git0bb7717.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-820a4795a9 elog-3.1.1-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e817cbf55 slock-1.3-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14 dhcpcd-6.11.3-1.fc23
The following Fedora 23 Critical Path updates have yet to be approved: Age URL 43 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276 openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5aa6973100 jasper-1.900.1-33.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-343c55ea44 linux-firmware-20160816-67.git7c3dfc0b.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-471ab66d4d nss-3.26.0-1.0.fc23 nss-softokn-3.26.0-1.0.fc23 nss-util-3.26.0-1.0.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9e951386e ca-certificates-2016.2.9-1.0.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dde780b8 glibc-2.22-18.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f1f7e3722d systemd-222-16.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e55114267 lcms2-2.8-2.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-66a914144d libfm-1.2.4-6.D20160627git2a537414de.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b4ecfa79f libgcrypt-1.6.6-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e281b415b redhat-rpm-config-37-1.fc23.1 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bebe7b9c5b libavc1394-0.5.4-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a0195918f gnupg-1.4.21-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4de7497ac4 gnupg2-2.1.13-2.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-221e4b44b9 gnome-online-accounts-3.18.6-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-22e1403506 livecd-tools-23.4-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4299886c3e curl-7.43.0-9.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dee73b9cb5 selinux-policy-3.13.1-158.23.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6b2a994a0a hwdata-0.292-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1a0c6260d0 libgweather-3.18.2-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1a5504f544 pcmanfm-1.2.4-3.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e71eb7777e lxsession-0.5.2-11.D20160817git699c1695c2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb1654ad5f pcre-8.39-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a36663643 krb5-1.14.3-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f1adaaadc6 kernel-4.7.2-101.fc23
The following builds have been pushed to Fedora 23 updates-testing
dhcpcd-6.11.3-1.fc23 elog-3.1.1-7.fc23 git-cola-2.8-1.fc23 glusterfs-3.7.15-1.fc23 gnustep-base-1.24.9-1.fc23 jpnevulator-2.3.4-1.fc23 mpdecimal-2.4.2-4.fc23 ostree-2016.7-2.fc23 postfix-3.0.6-1.fc23 python-biopython-1.68-1.fc23 python-fedimg-0.7-1.fc23 shotwell-0.23.6-1.fc23 slock-1.3-2.fc23 spasm-ng-0.5-0.4.beta.2.fc23 tin-2.4.0-1.fc23 tomboy-1.15.5-1.fc23 vagrant-sshfs-1.2.0-2.fc23
Details about builds:
================================================================================ dhcpcd-6.11.3-1.fc23 (FEDORA-2016-b3a6435b14) A minimalistic network configuration daemon with DHCPv4, rdisc and DHCPv6 support -------------------------------------------------------------------------------- Update Information:
Enhancement update. ---- Security update. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1334634 - CVE-2014-7913 dhcpcd: Misinterpreted return value of snprintf function https://bugzilla.redhat.com/show_bug.cgi?id=1334634 --------------------------------------------------------------------------------
================================================================================ elog-3.1.1-7.fc23 (FEDORA-2016-820a4795a9) Logbook system to manage notes through a Web interface -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2016-6342 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1371328 - CVE-2016-6342 elog: posting entry as arbitrary username by improper authentication https://bugzilla.redhat.com/show_bug.cgi?id=1371328 --------------------------------------------------------------------------------
================================================================================ git-cola-2.8-1.fc23 (FEDORA-2016-1abb203f0b) A sleek and powerful git GUI -------------------------------------------------------------------------------- Update Information:
git-cola update to 2.8 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1371413 - git-cola 2.7 fails to launch https://bugzilla.redhat.com/show_bug.cgi?id=1371413 [ 2 ] Bug #1371529 - git-cola-2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1371529 --------------------------------------------------------------------------------
================================================================================ glusterfs-3.7.15-1.fc23 (FEDORA-2016-4b6527ebaa) Distributed File System -------------------------------------------------------------------------------- Update Information:
GlusterFS 3.7.15 GA --------------------------------------------------------------------------------
================================================================================ gnustep-base-1.24.9-1.fc23 (FEDORA-2016-1507c57405) GNUstep Base library package -------------------------------------------------------------------------------- Update Information:
- Update to 1.24.9 - Utilize system-wide crypto-policies (bz#1179297) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1312706 - update 1.24.8 https://bugzilla.redhat.com/show_bug.cgi?id=1312706 [ 2 ] Bug #1204510 - gnustep-base should have Requires: make https://bugzilla.redhat.com/show_bug.cgi?id=1204510 [ 3 ] Bug #1179297 - Utilize system-wide crypto-policies https://bugzilla.redhat.com/show_bug.cgi?id=1179297 --------------------------------------------------------------------------------
================================================================================ jpnevulator-2.3.4-1.fc23 (FEDORA-2016-e0d2d86787) Serial line sniffer including very simple terminal emulator -------------------------------------------------------------------------------- Update Information:
This is new version of the package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370757 - jpnevulator-2.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370757 --------------------------------------------------------------------------------
================================================================================ mpdecimal-2.4.2-4.fc23 (FEDORA-2016-6d2c1cdc13) Library for general decimal arithmetic -------------------------------------------------------------------------------- Update Information:
New package. --------------------------------------------------------------------------------
================================================================================ ostree-2016.7-2.fc23 (FEDORA-2016-4b3c8e53d5) Tool for managing bootable, immutable filesystem trees -------------------------------------------------------------------------------- Update Information:
This update fixes a possible crash when doing a flatpak update. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1347293 - [abrt] flatpak: mkdir_p_at_internal(): flatpak killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1347293 --------------------------------------------------------------------------------
================================================================================ postfix-3.0.6-1.fc23 (FEDORA-2016-156a5d06ee) Postfix Mail Transport Agent -------------------------------------------------------------------------------- Update Information:
This is new version of postfix, for details see upstream announcement: http://www.postfix.org/announcements/postfix-3.1.2.html -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370899 - postfix-3.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370899 --------------------------------------------------------------------------------
================================================================================ python-biopython-1.68-1.fc23 (FEDORA-2016-4e7007c25d) Python tools for computational molecular biology -------------------------------------------------------------------------------- Update Information:
- Update to 1.68 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370687 - python-biopython-1.68 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370687 --------------------------------------------------------------------------------
================================================================================ python-fedimg-0.7-1.fc23 (FEDORA-2016-b45abcb209) Automatically upload Fedora Cloud images to cloud providers -------------------------------------------------------------------------------- Update Information:
Migrate to compose-based uploading -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1371241 - python-fedimg-0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1371241 --------------------------------------------------------------------------------
================================================================================ shotwell-0.23.6-1.fc23 (FEDORA-2016-49608f2aa3) A photo organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information:
#### Shotwell 0.23.6 - 29 Aug 2016 #### * Fix locale-dependent times * Use nl_langinfo instead of custom LConv * Fix renaming of tags and saved searches * Improve message shown on empty camera * Make thm a recognized extension for JPEG files --------------------------------------------------------------------------------
================================================================================ slock-1.3-2.fc23 (FEDORA-2016-7e817cbf55) Simple X display locker -------------------------------------------------------------------------------- Update Information:
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1368369 - CVE-2016-6866 slock: Null pointer dereference results in segmentation fault https://bugzilla.redhat.com/show_bug.cgi?id=1368369 --------------------------------------------------------------------------------
================================================================================ spasm-ng-0.5-0.4.beta.2.fc23 (FEDORA-2016-4f36d66bea) A z80 assembler with extra features for TI calculators -------------------------------------------------------------------------------- Update Information:
A z80 assembler with extra features for TI calculators -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1325378 - Review Request: spasm-ng - A z80 assembler with extra features for TI calculators https://bugzilla.redhat.com/show_bug.cgi?id=1325378 --------------------------------------------------------------------------------
================================================================================ tin-2.4.0-1.fc23 (FEDORA-2016-56ddc5c6cc) Basic Internet news reader -------------------------------------------------------------------------------- Update Information:
updated to 2.4.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1369576 - tin 2.4.0 available https://bugzilla.redhat.com/show_bug.cgi?id=1369576 --------------------------------------------------------------------------------
================================================================================ tomboy-1.15.5-1.fc23 (FEDORA-2016-1653dcfd44) Note-taking application -------------------------------------------------------------------------------- Update Information:
Update tomboy to 1.15.5. From the upstream changelog: * Translation updates: zh_CN, sr, hu, lt, id, es, el, eu, sv, fi, ro, cs, tr, ca, bs, oc, pl, pt, de, pt_BR * Update copyright to 2016 * gitignore additions for newer autotools, Visual Studio * Updated FSF address (Daniel Mustieles) * Updated DOAP file: corrected URLs, added category, description and programming-language (Piotr Dr��g, Alex Tereschenko) * Use gacutil when searching for Mono.Cairo in configure instead of hardcoded paths * Fix icon loading on Windows (Benjamin Podszun, #734399) * Help corrections: index and pin-notes pages (Ekaterina Gerasimova, #730502) * Typo fixes in tomboy.schemas.in and FuseSyncServiceAddin (Anders Jonsson) --------------------------------------------------------------------------------
================================================================================ vagrant-sshfs-1.2.0-2.fc23 (FEDORA-2016-5f59853c6a) A Vagrant synced folder plugin that mounts folders via SSHFS -------------------------------------------------------------------------------- Update Information:
Bump release to 2 because vagrant-sshfs-1.2.0-1.fc2{2,3,4} is what -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1343814 - Review Request: vagrant-sshfs - A Vagrant synced folder plugin that mounts folders via SSHFS. https://bugzilla.redhat.com/show_bug.cgi?id=1343814 --------------------------------------------------------------------------------