The following Fedora 23 Security updates need testing:
Age URL
150 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
108 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23
80 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23
31 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23
31 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23
20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23
16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-97002ad37b rubygem-actionview-4.2.3-3.fc23
16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f486068393 rubygem-actionpack-4.2.3-4.fc23
15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb4d6e8aab rubygem-activemodel-4.2.3-2.fc23
15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ede04cd79 rubygem-activesupport-4.2.3-3.fc23
15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc465a34df rubygem-activerecord-4.2.3-2.fc23
8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5d0e7f15ef php-horde-horde-5.2.9-1.fc23
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-17670e1b90 kscreenlocker-5.5.4-3.fc23
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-59ce8b61dd rubygem-rails-html-sanitizer-1.0.3-1.fc23
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e0a6c9ebc4 postgresql-9.4.6-1.fc23
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40401300ed 389-ds-base-1.3.4.8-1.fc23
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65a1f22818 community-mysql-5.6.29-1.fc23
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-94b0b50351 gummi-0.6.6-1.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ba6fd98830 jabberd-2.3.3-7.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fb9b356b74 qt-creator-3.6.0-6.fc23 qca-2.1.1-4.fc23 code-editor-2.8.1-13.fc23 monotone-1.1-13.fc23 botan-1.10.12-1.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4154a4d0ba graphite2-1.3.5-1.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-054e18a33d htdig-3.2.0-0.23.b6.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ce8624a6c selinux-policy-3.13.1-158.7.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990c070b19 spatialite-tools-4.3.0-9.fc23 sqlite-3.11.0-1.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aba95ed7ff gnome-online-accounts-3.18.4-1.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a7c44257a0 breeze-icon-theme-5.19.0-1.fc23 extra-cmake-modules-5.19.0-1.fc23 kf5-5.19.0-1.fc23 kf5-attica-5.19.0-1.fc23 kf5-baloo-5.19.0-1.fc23 kf5-bluez-qt-5.19.0-1.fc23 kf5-frameworkintegration-5.19.0-1.fc23 kf5-kactivities-5.19.0-1.fc23 kf5-kapidox-5.19.0-1.fc23 kf5-karchive-5.19.0-1.fc23 kf5-kauth-5.19.0-1.fc23 kf5-kbookmarks-5.19.0-1.fc23 kf5-kcmutils-5.19.0-1.fc23 kf5-kcodecs-5.19.0-1.fc23 kf5-kcompletion-5.19.0-1.fc23 kf5-kconfig-5.19.0-1.fc23 kf5-kconfigwidgets-5.19.0-1.fc23 kf5-kcoreaddons-5.19.0-1.fc23 kf5-kcrash-5.19.0-1.fc23 kf5-kdbusaddons-5.19.0-1.fc23 kf5-kdeclarative-5.19.0-2.fc23 kf5-kded-5.19.0-1.fc23 kf5-kdelibs4support-5.19.0-1.fc23 kf5-kdesignerplugin-5.19.0-1.fc23 kf5-kdesu-5.19.0-1.fc23 kf5-kdewebkit-5.19.0-1.fc23 kf5-kdnssd-5.19.0-1.fc23 kf5-kdoctools-5.19.0-1.fc23 kf5-kemoticons-5.19.0-1.fc23 kf5-kfilemetadata-5.19.0-1.fc23 kf5-kglobalaccel-5.19.0-1.fc23 kf5-kguiaddons-5.19.0-1.fc23 kf5-khtml
-5.19.0-
1.fc23 kf5-ki18n-5.19.0-1.fc23 kf5-kiconthemes-5.19.0-1.fc23 kf5-kidletime-5.19.0-1.fc23 kf5-kimageformats-5.19.0-1.fc23 kf5-kinit-5.19.0-1.fc23 kf5-kio-5.19.0-1.fc23 kf5-kitemmodels-5.19.0-1.fc23 kf5-kitemviews-5.19.0-1.fc23 kf5-kjobwidgets-5.19.0-1.fc23 kf5-kjs-5.19.0-1.fc23 kf5-kjsembed-5.19.0-1.fc23 kf5-kmediaplayer-5.19.0-1.fc23 kf5-knewstuff-5.19.0-1.fc23 kf5-knotifications-5.19.0-1.fc23 kf5-knotifyconfig-5.19.0-1.fc23 kf5-kpackage-5.19.0-1.fc23 kf5-kparts-5.19.0-1.fc23 kf5-kpeople-5.19.0-1.fc23 kf5-kplotting-5.19.0-1.fc23 kf5-kpty-5.19.0-1.fc23 kf5-kross-5.19.0-1.fc23 kf5-krunner-5.19.0-1.fc23 kf5-kservice-5.19.0-1.fc23 kf5-ktexteditor-5.19.0-1.fc23 kf5-ktextwidgets-5.19.0-1.fc23 kf5-kunitconversion-5.19.0-1.fc23 kf5-kwallet-5.19.0-1.fc23 kf5-kwidgetsaddons-5.19.0-1.fc23 kf5-kwindowsystem-5.19.0-1.fc23 kf5-kxmlgui-5.19.0-1.fc23 kf5-kxmlrpcclient-5.19.0-1.fc23 kf5-modemmanager-qt-5.19.0-1.fc23 kf5-networkmanager-qt-5.19.0-1.fc23 kf5-plasma-5.19.0-2.fc23 kf5-solid-5.19.
0-1.fc23
kf5-sonnet-5.19.0-1.fc23 kf5-threadweaver-5.19.0-1.fc23 oxygen-icon-theme-5.19.0-3.fc23
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7ccad9e603 kdepim-4.14.10-10.fc23 kdepim-runtime-4.14.10-6.fc23 kdepimlibs-4.14.10-8.fc23
The following builds have been pushed to Fedora 23 updates-testing
cachefilesd-0.10.9-1.fc23
catfish-1.3.4-1.fc23
eclipse-4.5.1-12.fc23
graphite2-1.3.5-1.fc23
htdig-3.2.0-0.23.b6.fc23
openqa-4.3-15.fc23
opensmtpd-5.7.3p2-1.fc23
perl-Parse-Gitignore-0.02-2.fc23
perl-Text-Fuzzy-0.24-3.fc23
python-funcsigs-0.4-2.fc23
python-pybeam-0.3.2-1.fc23
sayonara-0.8.2-1.20160214git.fc23
selinux-policy-3.13.1-158.7.fc23
spatialite-tools-4.3.0-9.fc23
sqlite-3.11.0-1.fc23
texlive-2014-19.20140525_r34255.fc23
vdr-epg-daemon-0.3.2-2.20160215gitbac34c9.fc23
Details about builds:
================================================================================
cachefilesd-0.10.9-1.fc23 (FEDORA-2016-eead0f3cc5)
CacheFiles user-space management daemon
--------------------------------------------------------------------------------
Update Information:
Update cachefilesd to interact with systemd in the correct way to change the
status of the cachefilesd during installation, fix the service file to refer to
/usr/sbin rather than /sbin and turn on build hardening (RELRO and PIE). ----
Suspend the scanning for cache objects that can be culled after a just completed
scan has turned up no usable candidates. This is typically due to the kernel
having all extant cache objects open and attached to network filesystem inodes.
With the aid of a kernel patch that is queued for 4.6, scanning will resume
when the cache has released sufficient objects or space to make it worth doing
another scan. If the kernel patch is not in place, this will be detected and
scanning will resume after 30 seconds. The thresholds for resumption when the
kernel patch is available can be configured in /etc/cachefilesd.conf. See the
manual page for that file.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #850053 - Introduce new systemd-rpm macros in cachefilesd spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850053
[ 2 ] Bug #1301734 - cachefilesd spins in tight loop trying to cull empty cache
https://bugzilla.redhat.com/show_bug.cgi?id=1301734
--------------------------------------------------------------------------------
================================================================================
catfish-1.3.4-1.fc23 (FEDORA-2016-2780480426)
A handy file search tool
--------------------------------------------------------------------------------
Update Information:
New version 1.3.4 is released.
--------------------------------------------------------------------------------
================================================================================
eclipse-4.5.1-12.fc23 (FEDORA-2016-bfb1b334da)
An open, extensible IDE
--------------------------------------------------------------------------------
Update Information:
Fixes a crash in the webkit widget (seen in Eclipse web browser view and any SWT
application that uses the widget). Fixes testing framework to allow suites to
run to completion when PyDev is enabled.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1270612 - [abrt] java-1.8.0-openjdk-headless: signalHandler(): java killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1270612
[ 2 ] Bug #1290685 - Can't run tests due to failure to correctly delete symlinks
https://bugzilla.redhat.com/show_bug.cgi?id=1290685
--------------------------------------------------------------------------------
================================================================================
graphite2-1.3.5-1.fc23 (FEDORA-2016-4154a4d0ba)
Font rendering capabilities for complex non-Roman writing systems
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-1521, CVE-2016-1522, CVE-2016-1523 and CVE-2016-1526
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305806 - CVE-2016-1521 graphite2: Two out-of-bound read vulnerabilities triggered by crafted fonts [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305806
[ 2 ] Bug #1308591 - CVE-2016-1526 graphite2: Out-of-bounds read vulnerability in TfUtil:LocaLookup [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1308591
[ 3 ] Bug #1305814 - CVE-2016-1523 graphite2: Heap-based buffer overflow in context item handling functionality [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305814
[ 4 ] Bug #1305811 - CVE-2016-1522 graphite2: Null pointer dereference and out-of-bounds access vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1305811
--------------------------------------------------------------------------------
================================================================================
htdig-3.2.0-0.23.b6.fc23 (FEDORA-2016-054e18a33d)
ht://Dig - Web search engine
--------------------------------------------------------------------------------
Update Information:
one bug fixed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1230897 - RPM does not contain binary for htsearch
https://bugzilla.redhat.com/show_bug.cgi?id=1230897
--------------------------------------------------------------------------------
================================================================================
openqa-4.3-15.fc23 (FEDORA-2016-2f4ba2e1d3)
OS-level automated testing framework
--------------------------------------------------------------------------------
Update Information:
This update introduces openQA, an OS-level automated testing framework, to the
Fedora 23 repositories. Earlier builds of this package have already been in use
on the Fedora openQA installs - https://openqa.fedoraproject.org and
https://openqa.stg.fedoraproject.org - for some time.
--------------------------------------------------------------------------------
================================================================================
opensmtpd-5.7.3p2-1.fc23 (FEDORA-2016-58dde2301c)
Free implementation of the server-side SMTP protocol as defined by RFC 5321
--------------------------------------------------------------------------------
Update Information:
New release (5.7.3p2), fixing issue with OpenSSL API change.
https://github.com/OpenSMTPD/OpenSMTPD/issues/650#issuecomment-178120346
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1304134 - opensmtpd-5.7.3p2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1304134
--------------------------------------------------------------------------------
================================================================================
perl-Parse-Gitignore-0.02-2.fc23 (FEDORA-2016-8bb99cd844)
Parse a .gitignore file
--------------------------------------------------------------------------------
Update Information:
0.02 2016-02-04 - Testing problem resolved - Add "excludesfile" method 0.01
2016-02-03 - Initial version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305294 - Review Request: perl-Parse-Gitignore - Parse .gitignore files
https://bugzilla.redhat.com/show_bug.cgi?id=1305294
--------------------------------------------------------------------------------
================================================================================
perl-Text-Fuzzy-0.24-3.fc23 (FEDORA-2016-b9b25e2bf4)
Partial string matching using edit distances
--------------------------------------------------------------------------------
Update Information:
0.24 2015-11-06 * Array length underflow error * Documentation internal link
0.23 2015-11-05 * Minor documentation fixes * Fix for Windows and fuzzy_index
0.22 2015-10-19 * Minor documentation fixes 0.21 2015-10-19 * Documents
the undocumented fuzzy_index function * Fixes the return values for fuzzy_index
to make sense * Adds a simple test for fuzzy_index
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305263 - Review Request: perl-Text-Fuzzy - Partial string matching using edit distances
https://bugzilla.redhat.com/show_bug.cgi?id=1305263
--------------------------------------------------------------------------------
================================================================================
python-funcsigs-0.4-2.fc23 (FEDORA-2016-38574b8369)
Python function signatures from PEP362 for Python 2.6, 2.7 and 3.2+
--------------------------------------------------------------------------------
Update Information:
This update introduces python2 and python3 packages for the `funcsigs` module.
--------------------------------------------------------------------------------
================================================================================
python-pybeam-0.3.2-1.fc23 (FEDORA-2016-a319fb7fff)
Python module to parse Erlang BEAM files
--------------------------------------------------------------------------------
Update Information:
* Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308581 - Review Request: python-pybeam - Python module to parse Erlang BEAM files
https://bugzilla.redhat.com/show_bug.cgi?id=1308581
--------------------------------------------------------------------------------
================================================================================
sayonara-0.8.2-1.20160214git.fc23 (FEDORA-2016-d2ee68baea)
A lightweight Qt Audio player
--------------------------------------------------------------------------------
Update Information:
* Tue Feb 16 2016 Martin Gansser <martinkg(a)fedoraproject.org> -
0.8.2-1.20160214git - Update to 0.8.2
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-158.7.fc23 (FEDORA-2016-9ce8624a6c)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
This update contain new policy for lttng-sessiond, please be careful with karma.
More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=736503
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1309235 - lttng-sessiond should be confined
https://bugzilla.redhat.com/show_bug.cgi?id=1309235
[ 2 ] Bug #1306819 - SELinux Prevents Mongodb from writing to syslog
https://bugzilla.redhat.com/show_bug.cgi?id=1306819
--------------------------------------------------------------------------------
================================================================================
spatialite-tools-4.3.0-9.fc23 (FEDORA-2016-990c070b19)
A set of useful CLI tools for SpatiaLite
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream version, with rebuilt spatialite-tools.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1288606 - Split library from binary to drop unnecessary dependencies.
https://bugzilla.redhat.com/show_bug.cgi?id=1288606
[ 2 ] Bug #1308765 - sqlite-3.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1308765
--------------------------------------------------------------------------------
================================================================================
sqlite-3.11.0-1.fc23 (FEDORA-2016-990c070b19)
Library that implements an embeddable SQL database engine
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream version, with rebuilt spatialite-tools.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1288606 - Split library from binary to drop unnecessary dependencies.
https://bugzilla.redhat.com/show_bug.cgi?id=1288606
[ 2 ] Bug #1308765 - sqlite-3.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1308765
--------------------------------------------------------------------------------
================================================================================
texlive-2014-19.20140525_r34255.fc23 (FEDORA-2016-0e583ec035)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
Fixed issue with thumbpdf not working with PDFs without streams (new default).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305887 - thumbpdf fails with unrecoverable error
https://bugzilla.redhat.com/show_bug.cgi?id=1305887
--------------------------------------------------------------------------------
================================================================================
vdr-epg-daemon-0.3.2-2.20160215gitbac34c9.fc23 (FEDORA-2016-1240b94bbf)
A daemon to download EPG data from internet and manage it in a mysql database
--------------------------------------------------------------------------------
Update Information:
* Wed Feb 17 2016 Martin Gansser <martinkg(a)fedoraproject.org> -
0.3.2-2.20160215gitbac34c9 - rebuild for new git release - dropped
%%{name}-0.3.0-variable-overflow.patch * Mon Feb 15 2016 Martin Gansser
<martinkg(a)fedoraproject.org> - 0.3.2-1 - Update to 0.3.2 - Dropped
%%{name}-0.3.0-variable-overflow.patch * Wed Feb 10 2016 Martin Gansser
<martinkg(a)fedoraproject.org> - 0.3.0-1 - Update to 0.3.0 - moved
%%{name}-makefile.patch to %%{name}-0.3.0-makefile.patch - added %%{name}-0.3.0
-variable-overflow.patch
--------------------------------------------------------------------------------
I decided this morning (no idea why) to follow up on people saying "do
not use the NVIDIA driver with Rawhide, just use Nouveau". So I
uninstalled the NVIDIA driver, manually removed all the detritus the
uninstaller just leaves behind, undid the blacklisting of nouveau,
rebooted, created a new initramfs using dracut, and rebooted.
The nouveau driver loads and everything seems fine, except that GDM
doesn't do anything.
I am clearly missing something very simple, has anyone any possible
suggestions?
--
Russel.
=============================================================================
Dr Russel Winder t: +44 20 7585 2200 voip: sip:russel.winder@ekiga.net
41 Buckmaster Road m: +44 7770 465 077 xmpp: russel(a)winder.org.uk
London SW11 1EN, UK w: www.russel.org.uk skype: russel_winder