The following Fedora 23 Security updates need testing:
Age URL
253
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
211
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
184
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
134
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
134
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
99
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
54
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7
optipng-0.7.6-1.fc23
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940
squid-3.5.10-4.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9dbd6d339
openslp-2.0.0-8.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06f1572324
kernel-4.5.5-201.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d94300845b
compat-nettle27-2.7.1-2.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815
phpMyAdmin-4.6.2-1.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-396403ec02
roundcubemail-1.2.0-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d3fe9914b xen-4.5.3-6.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6472a8cdc7
docker-1.10.3-22.git4158ccc.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-728a7def67
pungi-4.0.15-2.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9dbd6d339
openslp-2.0.0-8.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06f1572324
kernel-4.5.5-201.fc23
The following builds have been pushed to Fedora 23 updates-testing
NetworkManager-l2tp-1.0.2-1.fc23
cinnamon-menus-3.0.2-1.fc23
cinnamon-screensaver-3.0.1-1.fc23
compose-utils-0.1.6-1.fc23
docker-1.10.3-22.git4158ccc.fc23
gtengine-2.5-1.fc23
knot-2.2.1-1.fc23
lyx-2.2.0-1.fc23
openblas-0.2.18-1.fc23
php-guzzlehttp-promises-1.2.0-1.fc23
php-guzzlehttp-psr7-1.3.0-1.fc23
php-latte-2.3.12-1.fc23
php-pear-Net-SMTP-1.7.2-1.fc23
php-tracy-2.3.11-1.fc23
php-twig-1.24.1-1.fc23
python-copr-1.70-1.fc23
texstudio-2.11.0-1.fc23
Details about builds:
================================================================================
NetworkManager-l2tp-1.0.2-1.fc23 (FEDORA-2016-54c8a74b61)
NetworkManager VPN plugin for L2TP and L2TP/IPSec
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #887674 - NetworkManager-l2tp not establishing connection
https://bugzilla.redhat.com/show_bug.cgi?id=887674
[ 2 ] Bug #1299119 - Don't establish a l2tp vpn connect used NetworkManager-l2tp
component
https://bugzilla.redhat.com/show_bug.cgi?id=1299119
[ 3 ] Bug #1083223 - NetworkManager-l2tp 0.9.8.6-1.fc20 can't establish L2TP
connections
https://bugzilla.redhat.com/show_bug.cgi?id=1083223
--------------------------------------------------------------------------------
================================================================================
cinnamon-menus-3.0.2-1.fc23 (FEDORA-2016-be09cb7e35)
A menu system for the Cinnamon project
--------------------------------------------------------------------------------
Update Information:
updates
--------------------------------------------------------------------------------
================================================================================
cinnamon-screensaver-3.0.1-1.fc23 (FEDORA-2016-be09cb7e35)
Cinnamon Screensaver
--------------------------------------------------------------------------------
Update Information:
updates
--------------------------------------------------------------------------------
================================================================================
compose-utils-0.1.6-1.fc23 (FEDORA-2016-5820f4419e)
Utilities for working with composes
--------------------------------------------------------------------------------
Update Information:
* Fix getting SRPM summary * Add utility for listing composes (It allows
listing all composes in a directory in a sorted way, finding latest compose in a
directory, generating next compose id to be used, finding preceding compose for
a given compose etc.) * Add better error message on missing metadata ---- Add
image diff to changelog ---- * correctly handle epochs * work with rpms.json
file only
--------------------------------------------------------------------------------
================================================================================
docker-1.10.3-22.git4158ccc.fc23 (FEDORA-2016-6472a8cdc7)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built docker @projectatomic/fedora-1.10.3 commit 4158ccc ---- Resolves:
#1335649 - enable Red Hat subscription use in Docker containers on Fedora ----
built docker @projectatomic/fedora-1.10.3 commit 8ecd47f ---- built docker
@projectatomic/fedora-1.10.3 commit 8ecd47f ---- built docker
@projectatomic/fedora-1.10.3 commit 667d6d1 ---- built docker
@projectatomic/fedora-1.10.3 commit bba2d6d ---- built docker
@projectatomic/fedora-1.10.3 commit a41254f ---- built docker
@projectatomic/fedora-1.10.3 commit#964eda6 ---- built docker
@projectatomic/fedora-1.10.3 commit#ef2fa35 ---- docker package runtime
depends on docker-forward-journald ---- rebuilt to remove dockerroot user
creation ---- rebuilt to remove dockerroot user creation ---- rebuilt to
include dss_libdir directory ---- built docker @projectatomic/fedora-1.10.2
commit#86e59a5 ---- rebuilt with seccomp enabled ---- built docker
@projectatomic/fedora-1.10.1 commit#6c71d8f ---- built docker
@projectatomic/fedora-1.10.1 commit#6c71d8f ---- rebuilt, no change ----
built docker @projectatomic/fedora-1.10.2 commit#0f5ac89
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335649 - Enable use of Red Hat subscriptions in docker containers on Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=1335649
[ 2 ] Bug #1289851 - Docker.service does not require docker.socket which can lead to
Docker crash when docker.sock is host mounted
https://bugzilla.redhat.com/show_bug.cgi?id=1289851
[ 3 ] Bug #1254694 - "man docker-login" incorrectly claims that you can
"docker login" to Docker Hub as non-root user
https://bugzilla.redhat.com/show_bug.cgi?id=1254694
[ 4 ] Bug #1269602 - Secrets patch does not work in Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=1269602
[ 5 ] Bug #1289963 - docker push not working in 1.9.1
https://bugzilla.redhat.com/show_bug.cgi?id=1289963
[ 6 ] Bug #1303105 - Docker does not own /usr/lib/docker-storage-setup
https://bugzilla.redhat.com/show_bug.cgi?id=1303105
[ 7 ] Bug #1326110 - Unable to create containers with Kubernetes master and Docker
1.9.1-9
https://bugzilla.redhat.com/show_bug.cgi?id=1326110
[ 8 ] Bug #1312934 - "docker images" command returns all the repositories
prepended with the "docker.io/" string
https://bugzilla.redhat.com/show_bug.cgi?id=1312934
[ 9 ] Bug #1329454 - CVE-2016-3697 docker: privilege escalation via confusion of
usernames and UIDs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1329454
[ 10 ] Bug #1340921 - "Failed to get pwuid struct: user: unknown userid " log
spam
https://bugzilla.redhat.com/show_bug.cgi?id=1340921
--------------------------------------------------------------------------------
================================================================================
gtengine-2.5-1.fc23 (FEDORA-2016-54b1313af5)
Library for computations in mathematics, graphics, image analysis, and physics
--------------------------------------------------------------------------------
Update Information:
- Update to 2.5
--------------------------------------------------------------------------------
================================================================================
knot-2.2.1-1.fc23 (FEDORA-2016-c738c6c6b4)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
new upstream release ---- Fix default configuration file.
--------------------------------------------------------------------------------
================================================================================
lyx-2.2.0-1.fc23 (FEDORA-2016-782ef161fa)
WYSIWYM (What You See Is What You Mean) document processor
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable release. Among the most important of these are: *
HiDPI display support * Qt5 support * New text display algorithm * Horizontal
scrolling for large insets * Improved control of paragraph breaks * Improved
text color support * Reworked instant preview
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297051 - [abrt] lyx: lyx::error_handler(): lyx killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1297051
[ 2 ] Bug #1249411 - [abrt] lyx: lyx::error_handler(): lyx killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1249411
[ 3 ] Bug #1208209 - [abrt] lyx-common: configure.py:1289:checkLatexConfig:IOError:
[Errno 2] No such file or directory: 'chkconfig.vars'
https://bugzilla.redhat.com/show_bug.cgi?id=1208209
--------------------------------------------------------------------------------
================================================================================
openblas-0.2.18-1.fc23 (FEDORA-2016-8d84437bb8)
An optimized BLAS library based on GotoBLAS2
--------------------------------------------------------------------------------
Update Information:
Optimizations on ARM and Power architectures.
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-promises-1.2.0-1.fc23 (FEDORA-2016-abfccd7783)
Guzzle promises library
--------------------------------------------------------------------------------
Update Information:
## 1.2.0 - 2016-05-18 * Update to now catch `\Throwable` on PHP 7+
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1337366 - php-guzzlehttp-promises-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1337366
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-psr7-1.3.0-1.fc23 (FEDORA-2016-6a3facdf05)
PSR-7 message implementation
--------------------------------------------------------------------------------
Update Information:
## 1.3.0 - 2016-04-13 * Added remaining interfaces needed for full PSR7
compatibility (ServerRequestInterface, UploadedFileInterface, etc.). * Added
support for stream_for from scalars. * Can now extend Uri. * Fixed a bug in
validating request methods by making it more permissive.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1326975 - php-guzzlehttp-psr7-1.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1326975
--------------------------------------------------------------------------------
================================================================================
php-latte-2.3.12-1.fc23 (FEDORA-2016-d88d9f5211)
Latte: the amazing template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.12** * Filter strip: fixed bug when input begins with
`<pre> <script>` or `<textarea>` * Filters::escapeHtml escapes all
entities *
Compiler: pretty whitespace around comments * MacroTokens: added new
operators <=> ** ... * Compiler: improved error messages
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-SMTP-1.7.2-1.fc23 (FEDORA-2016-7dc418b5e5)
Provides an implementation of the SMTP protocol
--------------------------------------------------------------------------------
Update Information:
**Version 1.7.2** - Fix size calculation when headers are provided (#27)
--------------------------------------------------------------------------------
================================================================================
php-tracy-2.3.11-1.fc23 (FEDORA-2016-69e614ae4a)
Tracy: useful PHP debugger
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.11** * Dumper: fixed missing escape for & (#187) *
bar.js: fixed evaluating script tags in panels in window-mode (#174) *
Bluescreen: rel=noopener for target=_blank * BlueScreen::highlightLine() line
may be out of range #148 * Bar: versioning of data in session #146 #149
--------------------------------------------------------------------------------
================================================================================
php-twig-1.24.1-1.fc23 (FEDORA-2016-04823f026f)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.24.1** (2016-05-30) * fixed reserved keywords (forbids true,
false, null and none keywords for variables names) * fixed support for PHP7
(Throwable support) * marked the following methods as being internals on
Twig_Environment: getFunctions(), getFilters(), getTests(), getFunction(),
getFilter(), getTest(), getTokenParsers(), getTags(), getNodeVisitors(),
getUnaryOperators(), getBinaryOperators(), getFunctions(), getFilters(),
getGlobals(), initGlobals(), initExtensions(), and initExtension()
--------------------------------------------------------------------------------
================================================================================
python-copr-1.70-1.fc23 (FEDORA-2016-14c6d04e21)
Python interface for Copr
--------------------------------------------------------------------------------
Update Information:
This release mainly fixes bug Bug 1340650 - SRPM builds submitted from CLI fail:
"invalid request". ---- Support for Rubygems Package handling
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335163 - Add fork subcommand to Copr CLI
https://bugzilla.redhat.com/show_bug.cgi?id=1335163
[ 2 ] Bug #1340650 - SRPM builds submitted from CLI fail: "invalid request"
https://bugzilla.redhat.com/show_bug.cgi?id=1340650
--------------------------------------------------------------------------------
================================================================================
texstudio-2.11.0-1.fc23 (FEDORA-2016-a6caa69bc3)
A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:
- update to 2.11.0 -
http://texstudio.sourceforge.net/manual/current/CHANGELOG.txt
--------------------------------------------------------------------------------