The following Fedora 23 Security updates need testing: Age URL 155 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 113 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 86 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 37 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 36 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-97002ad37b rubygem-actionview-4.2.3-3.fc23 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f486068393 rubygem-actionpack-4.2.3-4.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb4d6e8aab rubygem-activemodel-4.2.3-2.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ede04cd79 rubygem-activesupport-4.2.3-3.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc465a34df rubygem-activerecord-4.2.3-2.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-59ce8b61dd rubygem-rails-html-sanitizer-1.0.3-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40401300ed 389-ds-base-1.3.4.8-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65a1f22818 community-mysql-5.6.29-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-94b0b50351 gummi-0.6.6-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ba6fd98830 jabberd-2.3.3-7.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65b7608d8b okhttp-2.7.4-1.fc23 okio-1.6.0-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e48f4bd14f xen-4.5.2-8.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec8b4ce774 kernel-4.4.2-300.fc23
The following Fedora 23 Critical Path updates have yet to be approved: Age URL 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-054e18a33d htdig-3.2.0-0.23.b6.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ce8624a6c selinux-policy-3.13.1-158.7.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dde5e377c lxsession-0.5.2-8.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec8b4ce774 kernel-4.4.2-300.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2400dcd3d1 virtuoso-opensource-6.1.6-10.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e7e8a7d33a gnupg2-2.1.11-1.fc23
The following builds have been pushed to Fedora 23 updates-testing
0install-2.11-1.fc23 bwm-ng-0.6.1-2.fc23 cross-binutils-2.26-6.fc23 docker-1.10.2-1.git86e59a5.fc23 dtv-scan-tables-1-1.20160106git9d6094a7c41e.fc23 easytag-2.4.2-1.fc23 gambit-c-4.8.4-1.fc23 gnupg2-2.1.11-1.fc23 mkvtoolnix-8.9.0-1.fc23 nmh-1.6-6.fc23 perl-DBD-SQLite-1.48-4.fc23 perl-Module-CoreList-5.20160121-1.fc23 perl-MooseX-App-1.34-1.fc23 pgadmin3-1.22.1-1.fc23 php-mock-1.0.1-2.fc23 php-nette-2.3.9-1.fc23 php-nette-caching-2.3.5-1.fc23 php-tracy-2.3.9-1.fc23 postfix-3.0.4-1.fc23 rebase-helper-0.7.1-1.fc23 roxterm-3.3.2-1.fc23 salt-2015.5.9-4.fc23 shogun-4.1.0-1.fc23 shogun-data-0.10-1.fc23 yad-0.34.0-1.fc23
Details about builds:
================================================================================ 0install-2.11-1.fc23 (FEDORA-2016-7d842c8284) A decentralized cross-distribution software installation system -------------------------------------------------------------------------------- Update Information:
- Upstream update to 2.11. - Exclude ppc64le and ppc --------------------------------------------------------------------------------
================================================================================ bwm-ng-0.6.1-2.fc23 (FEDORA-2016-9f76cf19e6) Bandwidth Monitor NG -------------------------------------------------------------------------------- Update Information:
New upstream release removing the dependency on libstatgrab. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308798 - Please update to v0.6.1 https://bugzilla.redhat.com/show_bug.cgi?id=1308798 --------------------------------------------------------------------------------
================================================================================ cross-binutils-2.26-6.fc23 (FEDORA-2016-48f4d42d63) A GNU collection of cross-compilation binary utilities -------------------------------------------------------------------------------- Update Information:
Update to binutils-2.26-12. This brings with it plugin support which permits this binutils to be used with LTO support from current cross-gcc. ---- Update to latest binutils package and fix the bits that cause compilation failures with gcc-6. Further, drop sh-elf support from the SH binutils to solve the problem with binutils being unable to determine whether to use the elf32-sh-linux or the elf32-shl format to decode a binary (#1296814). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1296814 - sh binutils: Matching formats: elf32-sh-linux elf32-shl https://bugzilla.redhat.com/show_bug.cgi?id=1296814 --------------------------------------------------------------------------------
================================================================================ docker-1.10.2-1.git86e59a5.fc23 (FEDORA-2016-f9d972be2c) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information:
built docker @projectatomic/fedora-1.10.2 commit#86e59a5 ---- rebuilt with seccomp enabled ---- built docker @projectatomic/fedora-1.10.1 commit#6c71d8f ---- built docker @projectatomic/fedora-1.10.1 commit#6c71d8f ---- rebuilt, no change -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1289851 - Docker.service does not require docker.socket which can lead to Docker crash when docker.sock is host mounted https://bugzilla.redhat.com/show_bug.cgi?id=1289851 [ 2 ] Bug #1254694 - "man docker-login" incorrectly claims that you can "docker login" to Docker Hub as non-root user https://bugzilla.redhat.com/show_bug.cgi?id=1254694 --------------------------------------------------------------------------------
================================================================================ dtv-scan-tables-1-1.20160106git9d6094a7c41e.fc23 (FEDORA-2016-fc3d90e4ba) Digital TV scan tables -------------------------------------------------------------------------------- Update Information:
Update DTV channel tables to sync with upstream additions -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 21 2016 Mauro Carvalho Chehab m.chehab@samsung.com - 1-1.20160106git9d6094a7c41e - Update to the latest release * Wed Jan 6 2016 Ville Skytt�� ville.skytta@iki.fi - 1-3.20151108gitfe6079b60c6b - Update to 2015-11-08-fe6079b60c6b, ship COPYING* as %license --------------------------------------------------------------------------------
================================================================================ easytag-2.4.2-1.fc23 (FEDORA-2016-2a764dcf9f) Tag editor for MP3, Ogg, FLAC and other music files -------------------------------------------------------------------------------- Update Information:
Update to 2.4.2 --------------------------------------------------------------------------------
================================================================================ gambit-c-4.8.4-1.fc23 (FEDORA-2016-e959d30112) Scheme programming system -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release. Temporarily not available on ARMv7HL due to a bug in displaying scientific notation numbers (#1310438) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1307519 - gambit-c: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307519 [ 2 ] Bug #1267410 - gambit-c-v4.8.4-bootstrap is available https://bugzilla.redhat.com/show_bug.cgi?id=1267410 --------------------------------------------------------------------------------
================================================================================ gnupg2-2.1.11-1.fc23 (FEDORA-2016-e7e8a7d33a) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information:
New upstream release fixing minor bugs and adding enhancements. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1193725 - gnupg2-2.1.x keyring conversions sometimes fail https://bugzilla.redhat.com/show_bug.cgi?id=1193725 --------------------------------------------------------------------------------
================================================================================ mkvtoolnix-8.9.0-1.fc23 (FEDORA-2016-4c87a9e11f) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information:
* MKVToolNix GUI: the default font size adjustment has been deactivated for the time being as it causes problems on high DPI displays. See #1602. * MKVToolNix GUI: bug fix: ampersands (&) in file names were shown as keyboard shortcuts in tab titles in various tools (merge tool, chapter and header editors, job output tool). Fixes #1603. * MKVToolNix GUI: header editor enhancement: when the user drags & drops files on an open header editor tab the GUI will ask the user what to do with them: either open the files as new header editor tabs or add the files as new attachments to the current tab. The action can also be set as the default. Implements #1585. * MKVToolNix GUI: chapter & header editor enhancement: Matroska files are initially opened in read-only mode and only later re-opened in read/write mode in order to enable reading from write- protected files. Part of the implementation of #1594. * MKVToolNix GUI: chapter & header enhancement: the error messages shown when a Matroska file could not be parsed have been improved to include the most likely reasons. Part of the implementation of #1594. * MKVToolNix GUI: chapter editor enhancement: added a menu entry for removing chapters from an existing Matroska file. Inspired by #1593. * MKVToolNix GUI: chapter editor enhancement: it is now possible to save chapters to Matroska files after having removed all entries (editions and chapter atoms). This effectively removes the chapters from the file. Implements #1593. * MKVToolNix GUI: job queue enhancement: added keyboard shortcuts for removing all completed jobs and for removing successfully completed jobs. Implements #1599. * MKVToolNix GUI: merge tool enhancement: added icons to the context menu actions in the "attachments" sub-tab. Implements #1596. * MKVToolNix GUI: merge tool enhancement: made the context menu entries in the "attachments" sub-tab clearer. Implements #1597. * mkvmerge: bug fix: fixed the handling of AVIs with a negative video height (which signals that the rows are arranged top-to-bottom). * MKVToolNix GUI: job queue bug fix: fixed an invalid memory access in the "edit in corresponding tool and remove from queue" functionality. * MKVToolNix GUI: re-write, merge tool bug fix: the file identification is now based on mkvmerge's JSON output instead of its verbose output. This also fixes the merge tool not showing names of attachments inside Matroska files properly if those names contain spaces (#1583). * MKVToolNix GUI: merge tool bug fix: the "mux this" combo box was disabled if a single attachment was selected. * mkvmerge: bug fix: removed spurious output generated during file identification in the HEVC detection code (e.g. "Error No Error"). * mkvmerge: bug fix: fixed the output of the "playlist_file" and "other_file" properties of the "container" entity in the JSON identification format from a single string to an array of strings. The format version has been bumped to 3 due to this change. * docs: added a Polish translation of the man pages by Daniel Kluz (see AUTHORS). * MKVToolNix GUI: "run program after XYZ" enhancement: configurations can now be deactivated without having to change them. Implements #1581. * mkvmerge: bug fix: fixed parsing of AAC in MP4 with a program config element with an empty comment field at the end of the GA specific config. Fixes #1578. * mkvmerge: enhancement: when reading Matroska files created by HandBrake that contain chapters the existing edition UIDs and chapter UIDs are removed and random ones created. This is necessary as HandBrake assigns sequential numbers starting at 1 for each file. Therefore there are two chapter entries with the UID 1, two with the UID 2 etc. and those should, strictly speaking, be treated as if they were a single chapter whereas the user expects those entries to stay separate entries. Implements an improvement for issues such as #1561. * MKVToolNix GUI: merge tool bug fix: the GUI no longer requires at least one source file to be present before muxing can start in order to allow creation of track-less files. Fixes #1576. * MKVToolNix GUI: enhancement: the "escape for Windows' cmd.exe" mechanism will only escape arguments that actually need escaping in order to produce easier to read command lines. * mkvmerge: QuickTime/MP4 reader: fix a division by zero in the index generation for certain old audio codecs that have certain header fields (bytes_per_frame, samples_per_packet) set to 0. * mkvinfo: bug fix: global elements (EBML void and CRC-32 elements) are now handled correctly if they're located inside the segment info or the chapter translate parents. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310480 - mkvtoolnix-8.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310480 --------------------------------------------------------------------------------
================================================================================ nmh-1.6-6.fc23 (FEDORA-2016-364d084d97) A capable mail handling system with a command line interface -------------------------------------------------------------------------------- Update Information:
Added build dependency on w3m, and changed Requires to be on that package. --------------------------------------------------------------------------------
================================================================================ perl-DBD-SQLite-1.48-4.fc23 (FEDORA-2016-0e67ba6792) SQLite DBI Driver -------------------------------------------------------------------------------- Update Information:
This release adapts to disabled FTS3 tokenizer in sqlite-3.11.0. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1309675 - perl-DBD-SQLite-1.50-1.fc24 FTBFS: t/43_fts3.t test fails https://bugzilla.redhat.com/show_bug.cgi?id=1309675 --------------------------------------------------------------------------------
================================================================================ perl-Module-CoreList-5.20160121-1.fc23 (FEDORA-2016-4753d509c1) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information:
This release provides data for perl 5.23.8. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310412 - perl-Module-CoreList-5.20160121 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310412 --------------------------------------------------------------------------------
================================================================================ perl-MooseX-App-1.34-1.fc23 (FEDORA-2016-ff70e06a4c) Write user-friendly command line apps with even less suffering -------------------------------------------------------------------------------- Update Information:
A new version of MooseX-App is available. See http://cpansearch.perl.org/src/MAROS/MooseX-App-1.34/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310479 - perl-MooseX-App-1.34 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310479 --------------------------------------------------------------------------------
================================================================================ pgadmin3-1.22.1-1.fc23 (FEDORA-2016-390ea81769) Graphical client for PostgreSQL -------------------------------------------------------------------------------- Update Information:
Update to 1.22.1 --------------------------------------------------------------------------------
================================================================================ php-mock-1.0.1-2.fc23 (FEDORA-2016-e1c6e043cf) PHP-Mock can mock built-in PHP functions -------------------------------------------------------------------------------- Update Information:
PHP-Mock can mock built-in PHP functions (e.g. time()). PHP-Mock relies on PHP's namespace fallback policy. No further extension is needed. Autoloader: /usr/share/php/phpmock/autoload.php -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1306968 - Review Request: php-mock - PHP-Mock can mock built-in PHP functions https://bugzilla.redhat.com/show_bug.cgi?id=1306968 --------------------------------------------------------------------------------
================================================================================ php-nette-2.3.9-1.fc23 (FEDORA-2016-ab6c547355) Nette Framework -------------------------------------------------------------------------------- Update Information:
Nette Framework is a popular tool for PHP web development It is designed to be as usable and as friendly as possible. It focuses on security and performance and is definitely one of the safest PHP frameworks. Nette Framework speaks your language and helps you to easily build better websites. Cache accelerates your application by storing data, once hardly retrieved, for future use. To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/autoload.php'; -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1277484 - Review Request: php-nette - Nette Framework https://bugzilla.redhat.com/show_bug.cgi?id=1277484 --------------------------------------------------------------------------------
================================================================================ php-nette-caching-2.3.5-1.fc23 (FEDORA-2016-63a186bf54) Nette Caching Component -------------------------------------------------------------------------------- Update Information:
**Released version 2.3.5** * added NewMemcachedStorage using memcached extension #38 * CacheMacro: better error message --------------------------------------------------------------------------------
================================================================================ php-tracy-2.3.9-1.fc23 (FEDORA-2016-e976b3feff) Tracy: useful PHP debugger -------------------------------------------------------------------------------- Update Information:
**Released version 2.3.9** * bar.js: MouseEvent.buttons is not supported by Safari #134 * Dumper: support for general object exporter which is called for every object * Dumper: object exporters are called in order from most specific to general * Debugger: removes output buffer for Bar, Bluescreen and production error. It decides whether clean or flush output buffers. * Dumper: variable term=xterm-256color enables colors ---- **Released version 2.3.8** * added Debugger::$showBar, can disable debug bar #132 #83 #82 * Bluescreen: link to google opens in new window * Bar: add xdebug version to info panel * Dumper::encodeString() is independent on iconv #126 * Dumper: fixed dumping INF in PHP 7.0.2 --------------------------------------------------------------------------------
================================================================================ postfix-3.0.4-1.fc23 (FEDORA-2016-ee114777ec) Postfix Mail Transport Agent -------------------------------------------------------------------------------- Update Information:
This is new version of postfix, minor bugfix release, for details see upstream announcement: -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310481 - postfix-3.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310481 --------------------------------------------------------------------------------
================================================================================ rebase-helper-0.7.1-1.fc23 (FEDORA-2016-6de00f0e68) The tool which helps you with rebase package -------------------------------------------------------------------------------- Update Information:
New upstream version 0.7.1 (#1310640) ---- new upstream release 0.7.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310640 - rebase-helper-0.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310640 [ 2 ] Bug #1298403 - rebase-helper-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1298403 --------------------------------------------------------------------------------
================================================================================ roxterm-3.3.2-1.fc23 (FEDORA-2016-40c7315bf3) A fast terminal emulator -------------------------------------------------------------------------------- Update Information:
== Version 3.3.2 == * Document shortcuts quirk re Debian bug #809719 * Fade text and bg colour labels along with buttons * Update New Window/Tab With Profile submenus (bug #121) * Fixed ssh port number in config ui (bug #120) * Fixed configure --disable-nls == Version 3.3.1 == * Only warn about closing shells with child procs * Fixed colour palette radio grouping * Don't recalculate size in "window-resize" handler * Use new vte API for checking URL matches == Version 3.2.1 == * Use vte 0.40's new word chars API --------------------------------------------------------------------------------
================================================================================ salt-2015.5.9-4.fc23 (FEDORA-2016-04fd54c536) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Updated dnf patch ---- Corrected Requires for salt-syndic package --------------------------------------------------------------------------------
================================================================================ shogun-4.1.0-1.fc23 (FEDORA-2016-e2fbe00070) Large Scale Machine Learning Toolbox -------------------------------------------------------------------------------- Update Information:
* new upstream release (#1306079) * fix build/testsuite with gcc 6.0.0 (#1308270) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308270 - shogun: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1308270 [ 2 ] Bug #1306079 - shogun-4.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1306079 --------------------------------------------------------------------------------
================================================================================ shogun-data-0.10-1.fc23 (FEDORA-2016-e2fbe00070) Data-files for the SHOGUN machine learning toolbox -------------------------------------------------------------------------------- Update Information:
* new upstream release (#1306079) * fix build/testsuite with gcc 6.0.0 (#1308270) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1308270 - shogun: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1308270 [ 2 ] Bug #1306079 - shogun-4.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1306079 --------------------------------------------------------------------------------
================================================================================ yad-0.34.0-1.fc23 (FEDORA-2016-4f6cd157d0) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information:
update to 0.34.0 ---- Update to yad-0.33.1 ---- update to 0.33.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1310485 - yad-0.34.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310485 [ 2 ] Bug #1297601 - yad-0.33.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1297601 [ 3 ] Bug #1296780 - yad-0.33.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1296780 --------------------------------------------------------------------------------