The following Fedora 23 Security updates need testing:
Age URL
339
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
297
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
270
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
220
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
220
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
185
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
61
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547
nodejs-0.10.46-1.fc23
39
https://bodhi.fedoraproject.org/updates/FEDORA-2016-70b5173c05
ecryptfs-utils-111-1.fc23
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276
openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23
27
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23
27
https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa394a130e
nodejs-string-dot-prototype-dot-repeat-0.2.0-2.fc23
16
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23
14
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e9c54e3b0
dhcpcd-6.11.2-1.fc23
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f405b25923 krb5-1.14.3-4.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0a4dccdd23
tomcat-8.0.36-2.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b1a36cccc8
389-ds-base-1.3.4.14-1.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5aa6973100
jasper-1.900.1-33.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c
libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9e951386e
ca-certificates-2016.2.9-1.0.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-47dc2b203f
firewalld-0.4.3.3-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b4ecfa79f
libgcrypt-1.6.6-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e55114267 lcms2-2.8-2.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dde780b8 glibc-2.22-18.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7898627d08
freeipa-4.2.4-2.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f58d7ecc8a
rubygem-activerecord-4.2.3-3.fc23 rubygem-actionpack-4.2.3-6.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f734302c3f
borgbackup-1.0.7-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a0195918f
gnupg-1.4.21-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc2cb4ad6b
openvpn-2.3.12-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-91e80601a0
kernel-4.7.2-100.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-00ffbe6f4c
canl-c-2.1.7-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d349b1c5f1
ganglia-3.7.2-10.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d957ffbac1
webkitgtk4-2.12.4-1.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
36
https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23
libreport-2.6.4-3.fc23
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9402100276
openssh-7.2p2-5.fc23 selinux-policy-3.13.1-158.22.fc23
14
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1db278c927
ntfs-3g-2016.2.22-2.fc23
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f405b25923 krb5-1.14.3-4.fc23
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f76b467679
breeze-icon-theme-5.25.0-1.fc23 extra-cmake-modules-5.25.0-1.fc23 kf5-5.25.0-2.fc23
kf5-attica-5.25.0-1.fc23 kf5-baloo-5.25.0-1.fc23 kf5-bluez-qt-5.25.0-1.fc23
kf5-frameworkintegration-5.25.0-1.fc23 kf5-kactivities-5.25.0-1.fc23
kf5-kactivities-stats-5.25.0-1.fc23 kf5-kapidox-5.25.0-1.fc23 kf5-karchive-5.25.0-1.fc23
kf5-kauth-5.25.0-1.fc23 kf5-kbookmarks-5.25.0-1.fc23 kf5-kcmutils-5.25.0-1.fc23
kf5-kcodecs-5.25.0-1.fc23 kf5-kcompletion-5.25.0-1.fc23 kf5-kconfig-5.25.0-1.fc23
kf5-kconfigwidgets-5.25.0-1.fc23 kf5-kcoreaddons-5.25.0-1.fc23 kf5-kcrash-5.25.0-1.fc23
kf5-kdbusaddons-5.25.0-1.fc23 kf5-kdeclarative-5.25.0-1.fc23 kf5-kded-5.25.0-1.fc23
kf5-kdelibs4support-5.25.0-1.fc23 kf5-kdesignerplugin-5.25.0-1.fc23
kf5-kdesu-5.25.0-1.fc23 kf5-kdewebkit-5.25.0-1.fc23 kf5-kdnssd-5.25.0-1.fc23
kf5-kdoctools-5.25.0-1.fc23 kf5-kemoticons-5.25.0-1.fc23 kf5-kfilemetadata-5.25.0-1.fc23
kf5-kglobalaccel-5.25.0-1.fc23 kf5-kguiad
dons-5.25.0-1.fc23 kf5-khtml-5.25.0-1.fc23 kf5-ki18n-5.25.0-1.fc23
kf5-kiconthemes-5.25.0-1.fc23 kf5-kidletime-5.25.0-1.fc23 kf5-kimageformats-5.25.0-1.fc23
kf5-kinit-5.25.0-1.fc23 kf5-kio-5.25.0-1.fc23 kf5-kitemmodels-5.25.0-1.fc23
kf5-kitemviews-5.25.0-1.fc23 kf5-kjobwidgets-5.25.0-1.fc23 kf5-kjs-5.25.0-1.fc23
kf5-kjsembed-5.25.0-1.fc23 kf5-kmediaplayer-5.25.0-1.fc23 kf5-knewstuff-5.25.0-1.fc23
kf5-knotifications-5.25.0-1.fc23 kf5-knotifyconfig-5.25.0-1.fc23
kf5-kpackage-5.25.0-1.fc23 kf5-kparts-5.25.0-1.fc23 kf5-kpeople-5.25.0-1.fc23
kf5-kplotting-5.25.0-1.fc23 kf5-kpty-5.25.0-1.fc23 kf5-kross-5.25.0-1.fc23
kf5-krunner-5.25.0-1.fc23 kf5-kservice-5.25.0-1.fc23 kf5-ktexteditor-5.25.0-1.fc23
kf5-ktextwidgets-5.25.0-1.fc23 kf5-kunitconversion-5.25.0-1.fc23 kf5-kwallet-5.25.0-1.fc23
kf5-kwayland-5.25.0-1.fc23 kf5-kwidgetsaddons-5.25.0-1.fc23
kf5-kwindowsystem-5.25.0-1.fc23 kf5-kxmlgui-5.25.0-1.fc23 kf5-kxmlrpcclient-5.25.0-1.fc23
kf5-modemmanager-qt-5.25.0-1.fc23 kf5-networkmanager-qt
-5.25.0-1.fc23 kf5-plasma-5.25.0-2.fc23 kf5-solid-5.25.0-1.fc23 kf5-sonnet-5.25.0-1.fc23
kf5-threadweaver-5.25.0-1.fc23 oxygen-icon-theme-5.25.0-1.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5aa6973100
jasper-1.900.1-33.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c55a630624
menu-cache-1.0.1-2.D20160506git2932d67f30.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d83028e264
perl-Socket-2.024-1.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c
libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-343c55ea44
linux-firmware-20160816-67.git7c3dfc0b.fc23
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0af7b03c78
dbus-1.10.10-1.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-471ab66d4d nss-3.26.0-1.0.fc23
nss-softokn-3.26.0-1.0.fc23 nss-util-3.26.0-1.0.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9e951386e
ca-certificates-2016.2.9-1.0.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dde780b8 glibc-2.22-18.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f1f7e3722d
systemd-222-16.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e55114267 lcms2-2.8-2.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-66a914144d
libfm-1.2.4-6.D20160627git2a537414de.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b4ecfa79f
libgcrypt-1.6.6-1.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e281b415b
redhat-rpm-config-37-1.fc23.1
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bebe7b9c5b
libavc1394-0.5.4-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a0195918f
gnupg-1.4.21-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-91e80601a0
kernel-4.7.2-100.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4de7497ac4
gnupg2-2.1.13-2.fc23
The following builds have been pushed to Fedora 23 updates-testing
bind-dyndb-ldap-8.0-5.fc23
canl-c-2.1.7-1.fc23
docker-1.10.3-41.git78aa320.fc23
fedora-user-agent-chrome-0.0.0.4-1.fc23
ganglia-3.7.2-10.fc23
ibus-table-1.9.14-1.fc23
knot-resolver-1.1.1-1.fc23
libesedb-20120102-10.fc23
lshw-B.02.18-5.fc23
python-cvss-1.3-1.fc23
webkitgtk4-2.12.4-1.fc23
Details about builds:
================================================================================
bind-dyndb-ldap-8.0-5.fc23 (FEDORA-2016-53f4ab8db1)
LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:
Patch & rebuild for bind 9.10.4-P2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1369738 - Error: nothing provides libdns.so.162()(64bit) needed by
bind-dyndb-ldap-8.0-4.fc23.x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1369738
--------------------------------------------------------------------------------
================================================================================
canl-c-2.1.7-1.fc23 (FEDORA-2016-00ffbe6f4c)
EMI Common Authentication library - bindings for C
--------------------------------------------------------------------------------
Update Information:
This is a hotfix for proxy DN manipulation vulnerabilities.
--------------------------------------------------------------------------------
================================================================================
docker-1.10.3-41.git78aa320.fc23 (FEDORA-2016-f2d2e7b09c)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built docker @projectatomic/fedora-1.10.3 commit 128f146 ---- built docker
@projectatomic/fedora-1.10.3 commit 128f146 ---- built docker
@projectatomic/fedora-1.10.3 commit 1ecb834 ---- built docker
@projectatomic/fedora-1.10.3 commit cba0656 ---- built docker
@projectatomic/fedora-1.10.3 commit 29066b4 ---- built docker
@projectatomic/fedora-1.10.3 commit 971d3bf ---- built docker
@projectatomic/fedora-1.10.3 commit 3b3d748 ---- built docker
@projectatomic/fedora-1.10.3 commit 19b5791 ---- remove dependency on
firewalld BZ#1348334 ---- remove MountFlags=slave from docker.service ----
built docker @projectatomic/fedora-1.10.3 commit ee81b72
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1330442 - Package docker-selinux is missing interface files
https://bugzilla.redhat.com/show_bug.cgi?id=1330442
[ 2 ] Bug #1316711 - docker-1.10.2-11.gitddbb15a.fc24 tries to use invalid %triggerpost
https://bugzilla.redhat.com/show_bug.cgi?id=1316711
[ 3 ] Bug #1340940 - Include v1.10-migrator-helper script in the docker-v1.10-migrator
RPM
https://bugzilla.redhat.com/show_bug.cgi?id=1340940
[ 4 ] Bug #1317561 - manpage for docker-daemon should exist but doesn't
https://bugzilla.redhat.com/show_bug.cgi?id=1317561
[ 5 ] Bug #1348334 - docker forces firewalld installation
https://bugzilla.redhat.com/show_bug.cgi?id=1348334
--------------------------------------------------------------------------------
================================================================================
fedora-user-agent-chrome-0.0.0.4-1.fc23 (FEDORA-2016-507a178f1f)
User-Agent Fedora branding for Google Chrome/Chromium browser
--------------------------------------------------------------------------------
Update Information:
Add support for Chromium browser.
--------------------------------------------------------------------------------
================================================================================
ganglia-3.7.2-10.fc23 (FEDORA-2016-d349b1c5f1)
Distributed Monitoring System
--------------------------------------------------------------------------------
Update Information:
Update to ganglia-web 3.7.2, fixing a XSS issue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1369843 - ganglia: ganglia-web: Reflected XSS in the metrics API
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1369843
--------------------------------------------------------------------------------
================================================================================
ibus-table-1.9.14-1.fc23 (FEDORA-2016-2eee40cd61)
The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:
update to 1.9.14; Fix bug in Unihan_Variants.txt, ��� U+4E7E is both simplified
and traditional Chinese (thanks to Heiher <r(a)hev.cc>)
--------------------------------------------------------------------------------
================================================================================
knot-resolver-1.1.1-1.fc23 (FEDORA-2016-4b3774fe4a)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
================================================================================
libesedb-20120102-10.fc23 (FEDORA-2016-bd4916f41f)
Library to access the Extensible Storage Engine (ESE) Database File (EDB) format
--------------------------------------------------------------------------------
Update Information:
Rebuild, just to fix FTBFS.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1239642 - libesedb: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1239642
--------------------------------------------------------------------------------
================================================================================
lshw-B.02.18-5.fc23 (FEDORA-2016-fbdb599590)
Hardware lister
--------------------------------------------------------------------------------
Update Information:
Fix issue when starting lshw from menu.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1368404 - lshw-gui does not start from gnome-shell-extension-apps-menu
https://bugzilla.redhat.com/show_bug.cgi?id=1368404
--------------------------------------------------------------------------------
================================================================================
python-cvss-1.3-1.fc23 (FEDORA-2016-02cbbe6305)
CVSS2/3 library with interactive calculator
--------------------------------------------------------------------------------
Update Information:
New package python-cvss: CVSS2/3 library with interactive calculator
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1334611 - Review Request: python-cvss - CVSS2/3 library with interactive
calculator
https://bugzilla.redhat.com/show_bug.cgi?id=1334611
--------------------------------------------------------------------------------
================================================================================
webkitgtk4-2.12.4-1.fc23 (FEDORA-2016-d957ffbac1)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update addresses the following vulnerabilities: *
[
CVE-2016-4622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4622),
[
CVE-2016-4624](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4624),
[
CVE-2016-4591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4591),
[
CVE-2016-4590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4590)
Additional fixes: * Fix performance in accelerated compositing mode with the
modesetting intel driver and DRI3 enabled. * Reduce the amount of file
descriptors that the Web Process keeps open. * Fix Web Process deadlocks when
loading HLS videos. * Make CSS and SVG animations run at 60fps. * Make meter
elements accessible. * Improve accessibility name and description of elements to
make it more compatible with W3C specs and fix several bugs in which the
accessible name of objects was missing or broken. * Fix a crash when running
windowed plugins under Wayland. * Fix a crash at process exit under Wayland. *
Fix several crashes and rendering issues. Translation updates: * German.
--------------------------------------------------------------------------------