The following Fedora 23 Security updates need testing:
Age  URL
 451  https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240   nagios-4.0.8-1.fc23
 409  https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe   miniupnpc-1.9-6.fc23
 382  https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324   jbig2dec-0.12-2.fc23
 332  https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1   python-pymongo-3.0.3-1.fc23
 332  https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8   thttpd-2.25b-37.fc23
 128  https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e   redis-3.2.3-1.fc23
 121  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c   libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
 105  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14   dhcpcd-6.11.3-1.fc23
  70  https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0   ca-certificates-2016.2.10-1.0.fc23
  62  https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651   compat-guile18-1.8.8-14.fc23
  47  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63   nodejs-0.10.48-1.fc23
  37  https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e   dracut-043-67.fc23
  25  https://bodhi.fedoraproject.org/updates/FEDORA-2016-5afe06026b   jenkins-1.625.3-5.fc23 jenkins-remoting-2.62.3-1.fc23
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c   perl-DBD-MySQL-4.033-4.fc23
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a400e4cd90   thunderbird-45.5.1-1.fc23
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2016-30077d1b37   ipsilon-2.0.2-2.fc23
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3c01772ff6   httpd-2.4.23-5.fc23
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad9307ce0   gd-2.1.1-11.fc23
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2016-7eea952041   golang-1.5.4-5.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-570c603276   openjpeg2-2.1.2-2.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f5d42d2d8   mingw-openjpeg2-2.1.2-2.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad82c71a1b   dovecot-2.2.27-1.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-98aed7ae50   libgsf-1.14.33-3.fc23
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc2916dcf4   xen-4.5.5-5.fc23
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-8a0533d057   firewalld-0.4.4.2-2.fc23 selinux-policy-3.13.1-158.25.fc23
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b64186cbd   botan-1.10.14-3.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b69734181b   kernel-4.8.14-100.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0dcb9cab6   chromium-55.0.2883.87-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-85eae56259   firefox-50.1.0-1.fc23

The following Fedora 23 Critical Path updates have yet to be approved:
Age  URL
 148  https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0   abrt-2.8.0-6.fc23 libreport-2.6.4-3.fc23
 121  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c   libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
  82  https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e   python-virtkey-0.63.0-1.fc23
  75  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a   koji-1.10.1-13.fc23
  70  https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0   ca-certificates-2016.2.10-1.0.fc23
  54  https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42   nspr-4.13.1-1.fc23
  39  https://bodhi.fedoraproject.org/updates/FEDORA-2016-0906f64ec8   rpm-4.13.0-1.fc23
  37  https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e   dracut-043-67.fc23
  27  https://bodhi.fedoraproject.org/updates/FEDORA-2016-03d76071b6   nss-3.27.0-1.3.fc23
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf6c3ea62c   perl-DBD-MySQL-4.033-4.fc23
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-6064f86234   vim-8.0.118-1.fc23
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a400e4cd90   thunderbird-45.5.1-1.fc23
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad9307ce0   gd-2.1.1-11.fc23
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3c01772ff6   httpd-2.4.23-5.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-09abe47360   boost-1.58.0-12.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ecaf251f6   poppler-data-0.4.7-5.fc23
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-8a0533d057   firewalld-0.4.4.2-2.fc23 selinux-policy-3.13.1-158.25.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-85eae56259   firefox-50.1.0-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b69734181b   kernel-4.8.14-100.fc23

The following builds have been pushed to Fedora 23 updates-testing
awscli-1.11.28-2.fc23
chromium-55.0.2883.87-1.fc23
clufter-0.59.7-1.fc23
firefox-50.1.0-1.fc23
kernel-4.8.14-100.fc23
mariadb-10.0.28-2.fc23
opendmarc-1.3.2-0.10.fc23
python-boto-2.44.0-1.fc23
sssd-1.14.2-2.fc23
strace-4.15-1.fc23
tomboy-1.15.6-1.fc23
Details about builds:
================================================================================
awscli-1.11.28-2.fc23 (FEDORA-2016-cad3dd7c2f)
Universal Command Line Environment for AWS
--------------------------------------------------------------------------------
Update Information:
Fix pyyaml dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404255 - awscli requires python3-PyYAML
https://bugzilla.redhat.com/show_bug.cgi?id=1404255
--------------------------------------------------------------------------------
================================================================================
chromium-55.0.2883.87-1.fc23 (FEDORA-2016-b0dcb9cab6)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to Chromium 55. Security fix for CVE-2016-5199, CVE-2016-5200,
CVE-2016-5201, CVE-2016-5202, CVE-2016-9651, CVE-2016-5208, CVE-2016-5207,
CVE-2016-5206, CVE-2016-5205, CVE-2016-5204, CVE-2016-5209, CVE-2016-5203,
CVE-2016-5210, CVE-2016-5212, CVE-2016-5211, CVE-2016-5213, CVE-2016-5214,
CVE-2016-5216, CVE-2016-5215, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219,
CVE-2016-5221, CVE-2016-5220, CVE-2016-5222, CVE-2016-9650, CVE-2016-5223,
CVE-2016-5226, CVE-2016-5225, CVE-2016-5224, CVE-2016-9652
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1393734 - CVE-2016-5202 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1393734
[ 2 ] Bug #1393733 - CVE-2016-5201 chromium-browser: info leak in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1393733
[ 3 ] Bug #1393732 - CVE-2016-5200 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1393732
[ 4 ] Bug #1393731 - CVE-2016-5199 chromium-browser: heap corruption in ffmpeg
https://bugzilla.redhat.com/show_bug.cgi?id=1393731
[ 5 ] Bug #1400879 - CVE-2016-9652 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1400879
[ 6 ] Bug #1400878 - CVE-2016-5224 chromium-browser: same-origin bypass in svg
https://bugzilla.redhat.com/show_bug.cgi?id=1400878
[ 7 ] Bug #1400877 - CVE-2016-5225 chromium-browser: csp bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400877
[ 8 ] Bug #1400876 - CVE-2016-5226 chromium-browser: limited xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400876
[ 9 ] Bug #1400875 - CVE-2016-5223 chromium-browser: integer overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400875
[ 10 ] Bug #1400873 - CVE-2016-9650 chromium-browser: csp referrer disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1400873
[ 11 ] Bug #1400872 - CVE-2016-5222 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400872
[ 12 ] Bug #1400871 - CVE-2016-5220 chromium-browser: local file access in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400871
[ 13 ] Bug #1400870 - CVE-2016-5221 chromium-browser: integer overflow in angle
https://bugzilla.redhat.com/show_bug.cgi?id=1400870
[ 14 ] Bug #1400869 - CVE-2016-5219 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400869
[ 15 ] Bug #1400868 - CVE-2016-5218 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400868
[ 16 ] Bug #1400867 - CVE-2016-5217 chromium-browser: use of unvalidated data in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400867
[ 17 ] Bug #1400866 - CVE-2016-5215 chromium-browser: use after free in webaudio
https://bugzilla.redhat.com/show_bug.cgi?id=1400866
[ 18 ] Bug #1400865 - CVE-2016-5216 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400865
[ 19 ] Bug #1400864 - CVE-2016-5214 chromium-browser: file download protection bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1400864
[ 20 ] Bug #1400863 - CVE-2016-5213 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400863
[ 21 ] Bug #1400862 - CVE-2016-5211 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400862
[ 22 ] Bug #1400861 - CVE-2016-5212 chromium-browser: local file disclosure in devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1400861
[ 23 ] Bug #1400859 - CVE-2016-5210 chromium-browser: out of bounds write in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400859
[ 24 ] Bug #1400857 - CVE-2016-5203 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400857
[ 25 ] Bug #1400856 - CVE-2016-5209 chromium-browser: out of bounds write in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400856
[ 26 ] Bug #1400855 - CVE-2016-5204 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400855
[ 27 ] Bug #1400854 - CVE-2016-5205 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400854
[ 28 ] Bug #1400853 - CVE-2016-5206 chromium-browser: same-origin bypass in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400853
[ 29 ] Bug #1400852 - CVE-2016-5207 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400852
[ 30 ] Bug #1400851 - CVE-2016-5208 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400851
[ 31 ] Bug #1400850 - CVE-2016-9651 chromium-browser: private property access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400850
--------------------------------------------------------------------------------
================================================================================
clufter-0.59.7-1.fc23 (FEDORA-2016-b55c0632be)
Tool/library for transforming/analyzing cluster configuration formats
--------------------------------------------------------------------------------
Update Information:
- bump upstream package, see
https://github.com/jnpkrn/clufter/releases/tag/v0.59.7
--------------------------------------------------------------------------------
================================================================================
firefox-50.1.0-1.fc23 (FEDORA-2016-85eae56259)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
- update to the new upstream version (50.1.0)
- fixed X Window crashes (mozbz#1271100)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403420 - firefox crashes with Gdk-ERROR BadAccess
https://bugzilla.redhat.com/show_bug.cgi?id=1403420
--------------------------------------------------------------------------------
================================================================================
kernel-4.8.14-100.fc23 (FEDORA-2016-b69734181b)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.8.14 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403833 - CVE-2016-8399 kernel: net: Out of bounds stack read in
memcpy_fromiovec
https://bugzilla.redhat.com/show_bug.cgi?id=1403833
--------------------------------------------------------------------------------
================================================================================
mariadb-10.0.28-2.fc23 (FEDORA-2016-05ad83ca82)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
Last update before Fedora 23 EOL.
--------------------------------------------------------------------------------
================================================================================
opendmarc-1.3.2-0.10.fc23 (FEDORA-2016-e94f822499)
A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and
library
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug that would cause opendmarc to crash soon after starting
up. See [RHBZ #1398444](https://bugzilla.redhat.com/show_bug.cgi?id=1398444) and
upstream [#185](https://sourceforge.net/p/opendmarc/tickets/185/). It also
includes many other bug fixes from Juri Haberland's [tracking
page](http://batleth.sapienti-sat.org/projects/opendmarc/).

----

Fixed path in import-stats patch

----

Updating to 1.3.2.Beta0 release, in anticipation of full release. This version
incorporates a number of patches since the 1.3.1 release. See:
https://sourceforge.net/p/opendmarc/activity/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398444 - [abrt] opendmarc: mlfi_connect(): opendmarc killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1398444
[ 2 ] Bug #1293279 - opendkim miss LDAP support
https://bugzilla.redhat.com/show_bug.cgi?id=1293279
[ 3 ] Bug #1287176 - OpenDMARC does not accept valid mail size limiting syntax in DMARC
record
https://bugzilla.redhat.com/show_bug.cgi?id=1287176
[ 4 ] Bug #1331971 - wrong result with self SPF check
https://bugzilla.redhat.com/show_bug.cgi?id=1331971
[ 5 ] Bug #1332521 - opendmarc always adds spf=pass
https://bugzilla.redhat.com/show_bug.cgi?id=1332521
--------------------------------------------------------------------------------
================================================================================
python-boto-2.44.0-1.fc23 (FEDORA-2016-378a043317)
A simple, lightweight interface to Amazon Web Services
--------------------------------------------------------------------------------
Update Information:
This update adds support for AWS's new `ca-central-1` region in Montréal,
Canada.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403362 - Update boto 2 package to version 2.44.0 to support AWS ca-central-1
(Montreal) region
https://bugzilla.redhat.com/show_bug.cgi?id=1403362
--------------------------------------------------------------------------------
================================================================================
sssd-1.14.2-2.fc23 (FEDORA-2016-b0d27da617)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
- rhbz#1369130 - nss_sss should not link against libpthread
- rhbz#1392916 - sssd failes to start after update
- rhbz#1398789 - SELinux is preventing sssd from 'write' accesses on the
  directory /etc/sssd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398789 - SELinux is preventing sssd from 'write' accesses on the
directory /etc/sssd.
https://bugzilla.redhat.com/show_bug.cgi?id=1398789
[ 2 ] Bug #1392916 - sssd failes to start after update
https://bugzilla.redhat.com/show_bug.cgi?id=1392916
[ 3 ] Bug #1369130 - nss_sss should not link against libpthread
https://bugzilla.redhat.com/show_bug.cgi?id=1369130
--------------------------------------------------------------------------------
================================================================================
strace-4.15-1.fc23 (FEDORA-2016-ad581317a8)
Tracks and displays system calls associated with a running process
--------------------------------------------------------------------------------
Update Information:
v4.14 -> v4.15.
--------------------------------------------------------------------------------
================================================================================
tomboy-1.15.6-1.fc23 (FEDORA-2016-3f4072db31)
Note-taking application
--------------------------------------------------------------------------------
Update Information:
### Version 1.15.6 ###

* Translation updates: pl, lt, sr, sv, cs, hu, da, pt, pt_BR, de, fr
* Multiple build infrastructure updates and general cleanup (Alex Tereschenko
  with contribution from Philip Withnall)
* Updates for modern versions of Mono, make and autotools
* Migrated off of gnome-common infrastructure
* We are now using Yelp for doc generation
* Fixed building on Debian and derivatives with DBus 2.0 (inspired by Debian's
  distro-level patch by Iain Lane, gh9)
* Added a copy of ax_require_config macro into our repo to fix building on
  Ubuntu 14 (gh26)
* Fixed bug with note still being shown in Search All after deletion from Note
  window (gh13, David Bannon)
* Removed GNOME panel mention from Start Here note (bgo559723, Jared Jennings)
* Made FUSE module load dialog more readable (gh21, bgo595283, Alex Tereschenko)
* Reworked note saving exception handling to avoid program crashes on disk full
  (gh24, Alex Tereschenko)
* Fixed crash upon exporting notes to HTML when a linked note is not found
  (gh25, Alex Tereschenko)
* Windows: fixed URL generation for drag'n'drop, updated GTK# download link
  (gh22, bgo604671, Alex Tereschenko)
* Some housekeeping (Alex Tereschenko):
  * Removed unused files (Changelog.pre-git, MAINTAINERS)
  * Updated information in NEWS and main README files
  * Added contribution guidelines
  * .gitignore updates
--------------------------------------------------------------------------------