The following Fedora 23 Security updates need testing:
Age URL
193
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
151
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
124
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
75
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
74
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
63
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
39
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e4408f350
squid-3.5.10-1.fc23
21
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d7dafbf27f
python-tgcaptcha2-0.3.1-1.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0fb6577f07 vtun-3.0.3-15.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-df2529c86c
python-rsa-3.4.1-1.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b05672c54f
libmaxminddb-1.2.0-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d5b1b498f xen-4.5.2-10.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b7f1f8e3bf
mercurial-3.5.2-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-de909cc333
xstream-1.4.9-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b9368247d4
latex2rtf-2.3.10-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cf1b49047 php-5.6.20-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-858277b967
fuse-encfs-1.8.1-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e602c0e5e
kernel-4.4.6-301.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
63
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d8dbbc4b73
kde-settings-23-11.fc23.1
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5d2823c643
breeze-icon-theme-5.20.0-1.fc23 extra-cmake-modules-5.20.0-1.fc23
kactivitymanagerd-5.5.0-1.fc23 kf5-5.20.0-1.fc23 kf5-attica-5.20.0-1.fc23
kf5-baloo-5.20.0-1.fc23 kf5-bluez-qt-5.20.0-1.fc23 kf5-frameworkintegration-5.20.0-2.fc23
kf5-kactivities-5.20.0-2.fc23 kf5-kapidox-5.20.0-1.fc23 kf5-karchive-5.20.0-1.fc23
kf5-kauth-5.20.0-1.fc23 kf5-kbookmarks-5.20.0-1.fc23 kf5-kcmutils-5.20.0-1.fc23
kf5-kcodecs-5.20.0-1.fc23 kf5-kcompletion-5.20.0-1.fc23 kf5-kconfig-5.20.0-1.fc23
kf5-kconfigwidgets-5.20.0-1.fc23 kf5-kcoreaddons-5.20.0-1.fc23 kf5-kcrash-5.20.0-1.fc23
kf5-kdbusaddons-5.20.0-1.fc23 kf5-kdeclarative-5.20.0-1.fc23 kf5-kded-5.20.0-1.fc23
kf5-kdelibs4support-5.20.0-1.fc23 kf5-kdesignerplugin-5.20.0-1.fc23
kf5-kdesu-5.20.0-1.fc23 kf5-kdewebkit-5.20.0-1.fc23 kf5-kdnssd-5.20.0-1.fc23
kf5-kdoctools-5.20.0-1.fc23 kf5-kemoticons-5.20.0-1.fc23 kf5-kfilemetadata-5.20.0-1.fc23
kf5-kglobalaccel-5.20.0-1.fc23 kf5-kgu
iaddons-
5.20.0-1.fc23 kf5-khtml-5.20.0-1.fc23 kf5-ki18n-5.20.0-1.fc23
kf5-kiconthemes-5.20.0-1.fc23 kf5-kidletime-5.20.0-1.fc23 kf5-kimageformats-5.20.0-1.fc23
kf5-kinit-5.20.0-1.fc23 kf5-kio-5.20.0-1.fc23 kf5-kitemmodels-5.20.0-1.fc23
kf5-kitemviews-5.20.0-1.fc23 kf5-kjobwidgets-5.20.0-1.fc23 kf5-kjs-5.20.0-1.fc23
kf5-kjsembed-5.20.0-1.fc23 kf5-kmediaplayer-5.20.0-1.fc23 kf5-knewstuff-5.20.0-1.fc23
kf5-knotifications-5.20.0-2.fc23 kf5-knotifyconfig-5.20.0-1.fc23
kf5-kpackage-5.20.0-1.fc23 kf5-kparts-5.20.0-1.fc23 kf5-kpeople-5.20.0-1.fc23
kf5-kplotting-5.20.0-1.fc23 kf5-kpty-5.20.0-1.fc23 kf5-kross-5.20.0-1.fc23
kf5-krunner-5.20.0-1.fc23 kf5-kservice-5.20.0-1.fc23 kf5-ktexteditor-5.20.0-2.fc23
kf5-ktextwidgets-5.20.0-1.fc23 kf5-kunitconversion-5.20.0-1.fc23 kf5-kwallet-5.20.0-1.fc23
kf5-kwidgetsaddons-5.20.0-1.fc23 kf5-kwindowsystem-5.20.0-1.fc23 kf5-kxmlgui-5.20.0-1.fc23
kf5-kxmlrpcclient-5.20.0-1.fc23 kf5-modemmanager-qt-5.20.0-1.fc23
kf5-networkmanager-qt-5.20.0-1.fc23 kf5-plasm
a-5.20.0
-1.fc23 kf5-solid-5.20.0-1.fc23 kf5-sonnet-5.20.0-1.fc23 kf5-threadweaver-5.20.0-1.fc23
oxygen-icon-theme-5.20.0-1.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6d6d4d8f8
ntfs-3g-2016.2.22-1.fc23 testdisk-7.0-7.fc23
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-86fd9bc8c4
pungi-4.0.11-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7190703cf1 lorax-23.20-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cdba6b1c7
selinux-policy-3.13.1-158.12.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e693afc7d
baloo-widgets-15.12.3-1.fc23 dolphin-15.12.3-1.fc23 kate-15.12.3-1.fc23
konsole5-15.12.3-2.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e7216423d2 parted-3.2-17.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5138079046
alsa-tools-1.1.0-2.fc23 alsa-plugins-1.1.1-1.fc23 alsa-utils-1.1.1-1.fc23
alsa-lib-1.1.1-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e602c0e5e
kernel-4.4.6-301.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bbba3bf922
ModemManager-1.4.14-1.fc23 libmbim-1.12.4-2.fc23 libqmi-1.12.10-1.fc23
The following builds have been pushed to Fedora 23 updates-testing
ModemManager-1.4.14-1.fc23
alsa-lib-1.1.1-1.fc23
alsa-plugins-1.1.1-1.fc23
alsa-tools-1.1.0-2.fc23
alsa-utils-1.1.1-1.fc23
android-tools-20160327git3761365735de-1.fc23
archlinux-keyring-20160215-1.fc23
fedfind-2.4.3-1.fc23
fonttools-3.0-4.fc23
fuse-encfs-1.8.1-1.fc23
gnome-chemistry-utils-0.14.12-1.fc23
gnumeric-1.12.28-1.fc23
goffice-0.10.28-1.fc23
javapackages-tools-4.6.0-8.fc23
kernel-4.4.6-301.fc23
latex2rtf-2.3.10-1.fc23
libbson-1.3.5-1.fc23
libmbim-1.12.4-2.fc23
libqmi-1.12.10-1.fc23
mongodb-3.0.10-2.fc23
nfs-ganesha-2.3.1-3.fc23
pacman-5.0.1-1.fc23
php-5.6.20-1.fc23
php-composer-semver-1.4.0-1.fc23
php-doctrine-doctrine-cache-bundle-1.3.0-1.fc23
plasma-workspace-5.5.5-5.fc23
proxytunnel-1.9.1-1.fc23
python-wikitcms-2.1.4-1.fc23
subscription-manager-1.17.4-1.fc23
trustedqsl-2.2.1-1.fc23
uispec4j-2.5-0.2.20150412gitfdc0b42.fc23
xen-4.5.3-1.fc23
Details about builds:
================================================================================
ModemManager-1.4.14-1.fc23 (FEDORA-2016-bbba3bf922)
Mobile broadband modem management service
--------------------------------------------------------------------------------
Update Information:
Update to ModemManager 1.4.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in
the log
https://bugzilla.redhat.com/show_bug.cgi?id=1010538
[ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port
https://bugzilla.redhat.com/show_bug.cgi?id=972335
[ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when
using MBIM
https://bugzilla.redhat.com/show_bug.cgi?id=1304814
--------------------------------------------------------------------------------
================================================================================
alsa-lib-1.1.1-1.fc23 (FEDORA-2016-5138079046)
The Advanced Linux Sound Architecture (ALSA) library
--------------------------------------------------------------------------------
Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0).
--------------------------------------------------------------------------------
================================================================================
alsa-plugins-1.1.1-1.fc23 (FEDORA-2016-5138079046)
The Advanced Linux Sound Architecture (ALSA) Plugins
--------------------------------------------------------------------------------
Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0).
--------------------------------------------------------------------------------
================================================================================
alsa-tools-1.1.0-2.fc23 (FEDORA-2016-5138079046)
Specialist tools for ALSA
--------------------------------------------------------------------------------
Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0).
--------------------------------------------------------------------------------
================================================================================
alsa-utils-1.1.1-1.fc23 (FEDORA-2016-5138079046)
Advanced Linux Sound Architecture (ALSA) utilities
--------------------------------------------------------------------------------
Update Information:
Update ALSA packages to version 1.1.1 (and alsa-tools to 1.1.0).
--------------------------------------------------------------------------------
================================================================================
android-tools-20160327git3761365735de-1.fc23 (FEDORA-2016-f21852d13b)
Android platform tools(adb, fastboot)
--------------------------------------------------------------------------------
Update Information:
- Update to upstream git commit 3761365735de - Resolves: rhbz#1278769
rhbz#1318099 Migrate to ruby generate_build. Support new versions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1318099 - android-tools severely needs update
https://bugzilla.redhat.com/show_bug.cgi?id=1318099
[ 2 ] Bug #1306107 - [abrt] android-tools: write_all_blocks(): fastboot killed by
SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1306107
[ 3 ] Bug #1278769 - latest fastboot required to unlock Nexus 6P (and maybe 5X)
https://bugzilla.redhat.com/show_bug.cgi?id=1278769
--------------------------------------------------------------------------------
================================================================================
archlinux-keyring-20160215-1.fc23 (FEDORA-2016-151ea289e2)
GPG keys used by Arch distribution to sign packages
--------------------------------------------------------------------------------
Update Information:
Update to latest version. Previous versions of pacman will stop working with new
packages after April 23rd
https://www.archlinux.org/news/required-update-to-
pacman-501-before-2016-04-23/.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308758 - archlinux-keyring-20160215 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1308758
[ 2 ] Bug #1311111 - pacman-5.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1311111
--------------------------------------------------------------------------------
================================================================================
fedfind-2.4.3-1.fc23 (FEDORA-2016-cb0556c0f6)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update provides the latest releases of [python-
wikitcms](https://www.happyassassin.net/wikitcms) and
[
fedfind](https://www.happyassassin.net/fedfind). The wikitcms release drops a
now-unneeded workaround for a missing PDC feature which was now implemented (and
enables tests in the package); the fedfind update *adds* a workaround for a
newly-discovered [PDC
issue](https://github.com/fedora-infra/pdc-
updater/issues/10) (ironically, along the same lines). This will fix an issue
with automated creation of release validation test events. It also restores
support for 'milestone' releases (i.e. Alphas and Betas).
--------------------------------------------------------------------------------
================================================================================
fonttools-3.0-4.fc23 (FEDORA-2016-f3240920b0)
A tool to convert True/OpenType fonts to XML and back
--------------------------------------------------------------------------------
Update Information:
Resolves:rh#1240265- fonttools 2.5 takes too much memory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1240265 - fonttools 2.5 takes too much memory
https://bugzilla.redhat.com/show_bug.cgi?id=1240265
--------------------------------------------------------------------------------
================================================================================
fuse-encfs-1.8.1-1.fc23 (FEDORA-2016-858277b967)
Encrypted pass-thru filesystem in userspace
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1119122 - fuse-encfs is missing from EPEL 7
https://bugzilla.redhat.com/show_bug.cgi?id=1119122
[ 2 ] Bug #1097540 - fuse-encfs: multiple cryptography issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1097540
[ 3 ] Bug #906390 - Man page does not mention ENCFS6_CONFIG variable name.
https://bugzilla.redhat.com/show_bug.cgi?id=906390
[ 4 ] Bug #1307518 - fuse-encfs: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1307518
[ 5 ] Bug #1234255 - New version available - 1.8.1
https://bugzilla.redhat.com/show_bug.cgi?id=1234255
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.12-1.fc23 (FEDORA-2016-9afe8ad335)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and
gnome-chemistry-utils: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html *
http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html
--------------------------------------------------------------------------------
================================================================================
gnumeric-1.12.28-1.fc23 (FEDORA-2016-9afe8ad335)
Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and
gnome-chemistry-utils: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html *
http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html
--------------------------------------------------------------------------------
================================================================================
goffice-0.10.28-1.fc23 (FEDORA-2016-9afe8ad335)
G Office support libraries
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream releases of gnumeric, goffice and
gnome-chemistry-utils: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.28.html *
http://lists.nongnu.org/archive/html/gchemutils-main/2016-03/msg00001.html
--------------------------------------------------------------------------------
================================================================================
javapackages-tools-4.6.0-8.fc23 (FEDORA-2016-2e49e6c66e)
Macros and scripts for Java packaging support
--------------------------------------------------------------------------------
Update Information:
Add missing dependency on findutils (thanks Tatsuyuki Ishi)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1321401 - Missing dependency: findutils
https://bugzilla.redhat.com/show_bug.cgi?id=1321401
--------------------------------------------------------------------------------
================================================================================
kernel-4.4.6-301.fc23 (FEDORA-2016-7e602c0e5e)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
This is an incremental update for a set of bugzillas in the kernel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315711 - CVE-2016-3157 kernel: xen: Privilege escalation on 64-bit Xen PV
domains with IO port access privileges (XSA-171)
https://bugzilla.redhat.com/show_bug.cgi?id=1315711
[ 2 ] Bug #1317007 - CVE-2016-3136 kernel: Crash on invalid USB device descriptors
(mct_u232 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317007
[ 3 ] Bug #1317017 - CVE-2016-2187 kernel: Kernel panic on invalid USB device descriptor
(gtco driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317017
[ 4 ] Bug #1316995 - CVE-2016-3140 kernel: Crash on invalid USB device descriptors
(digi_acceleport driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316995
[ 5 ] Bug #1316204 - CVE-2016-3138 kernel: Crash on invalid USB device descriptors
(cdc_acm driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316204
[ 6 ] Bug #1317014 - CVE-2016-2185 kernel: Kernel panic on invalid USB device descriptor
(ati_remote2 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317014
[ 7 ] Bug #1317018 - CVE-2016-2188 kernel: Kernel panic on invalid USB device descriptor
(iowarrior driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317018
[ 8 ] Bug #1317015 - CVE-2016-2186 kernel: Kernel panic on invalid USB device descriptor
(powermate driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317015
[ 9 ] Bug #1316996 - CVE-2016-3137 kernel: Crash on invalid USB device descriptors
(cypress_m8 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316996
[ 10 ] Bug #1317012 - CVE-2016-2184 kernel: Kernel panic on invalid USB device
descriptor (snd_usb_audio driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317012
--------------------------------------------------------------------------------
================================================================================
latex2rtf-2.3.10-1.fc23 (FEDORA-2016-b9368247d4)
LaTeX to RTF converter that handles equations, figures, and cross-references
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.10 for CVE-2015-8106
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1282492 - CVE-2015-8106 latex2rtf: Format string vulnerability in
CmdKeywords
https://bugzilla.redhat.com/show_bug.cgi?id=1282492
--------------------------------------------------------------------------------
================================================================================
libbson-1.3.5-1.fc23 (FEDORA-2016-08d3d4a04b)
Building, parsing, and iterating BSON documents
--------------------------------------------------------------------------------
Update Information:
There are no changes in the code. We deliver this release only because of the
new version string.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1322634 - libbson-1.3.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1322634
--------------------------------------------------------------------------------
================================================================================
libmbim-1.12.4-2.fc23 (FEDORA-2016-bbba3bf922)
Support library for the Mobile Broadband Interface Model protocol
--------------------------------------------------------------------------------
Update Information:
Update to ModemManager 1.4.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in
the log
https://bugzilla.redhat.com/show_bug.cgi?id=1010538
[ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port
https://bugzilla.redhat.com/show_bug.cgi?id=972335
[ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when
using MBIM
https://bugzilla.redhat.com/show_bug.cgi?id=1304814
--------------------------------------------------------------------------------
================================================================================
libqmi-1.12.10-1.fc23 (FEDORA-2016-bbba3bf922)
Support library to use the Qualcomm MSM Interface (QMI) protocol
--------------------------------------------------------------------------------
Update Information:
Update to ModemManager 1.4.14
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1010538 - Useless "Couldn't find support for device" warning in
the log
https://bugzilla.redhat.com/show_bug.cgi?id=1010538
[ 2 ] Bug #972335 - Huawei E3276: Failed to find primary port
https://bugzilla.redhat.com/show_bug.cgi?id=972335
[ 3 ] Bug #1304814 - Update to ModemManager 1.4.12 to disable CDMA capabilities when
using MBIM
https://bugzilla.redhat.com/show_bug.cgi?id=1304814
--------------------------------------------------------------------------------
================================================================================
mongodb-3.0.10-2.fc23 (FEDORA-2016-ad367c57b0)
High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:
MongoDB now use -O2 instead of -O3 which caused segfault on ARM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1303864 - mongod crashes on armv7hl
https://bugzilla.redhat.com/show_bug.cgi?id=1303864
--------------------------------------------------------------------------------
================================================================================
nfs-ganesha-2.3.1-3.fc23 (FEDORA-2016-fb412711f6)
NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:
w/ nfs-ganesha-config.service
--------------------------------------------------------------------------------
================================================================================
pacman-5.0.1-1.fc23 (FEDORA-2016-151ea289e2)
Package manager for the Arch distribution
--------------------------------------------------------------------------------
Update Information:
Update to latest version. Previous versions of pacman will stop working with new
packages after April 23rd
https://www.archlinux.org/news/required-update-to-
pacman-501-before-2016-04-23/.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308758 - archlinux-keyring-20160215 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1308758
[ 2 ] Bug #1311111 - pacman-5.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1311111
--------------------------------------------------------------------------------
================================================================================
php-5.6.20-1.fc23 (FEDORA-2016-1cf1b49047)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support
MKCALENDAR request method). (Christoph) **Core:** * Fixed bug php#71596
(Segmentation fault on ZTS with date function (setlocale)). (Anatol) **Curl:**
* Fixed bug php#71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) **Date:**
* Fixed bug php#71635 (DatePeriod::getEndDate segfault). (Thomas Punt)
**Fileinfo:** * Fixed bug php#71527 (Buffer over-write in finfo_open with
malformed magic file). (Anatol) **Mbstring:** * Fixed bug php#71906
(AddressSanitizer: negative-size-param (-1) in mbfl_strcut). (Stas) **ODBC:**
* Fixed bug php#47803, php#69526 (Executing prepared statements is succesfull
only for the first two statements). (einavitamar, Anatol) * Fixed bug php#71860
(Invalid memory write in phar on filename with \0 in name). (Stas)
**PDO_DBlib:** * Fixed bug php#54648 (PDO::MSSQL forces format of datetime
fields). (steven, Anatol) **Phar:** * Fixed bug php#71625 (Crash in php7.dll
with bad phar filename). (Anatol) * Fixed bug php#71504 (Parsing of tar file
with duplicate filenames causes memory leak). (Jos Elstgeest) **SNMP:** *
Fixed bug php#71704 (php_snmp_error() Format String Vulnerability). (andrew)
**Standard** * Fixed bug php#71798 (Integer Overflow in php_raw_url_encode).
(taoguangchen, Stas)
--------------------------------------------------------------------------------
================================================================================
php-composer-semver-1.4.0-1.fc23 (FEDORA-2016-607f1d4c33)
Semver library that offers utilities, version constraint parsing and validation
--------------------------------------------------------------------------------
Update Information:
**Version 1.4.0** * Added: getters on MultiConstraint
--------------------------------------------------------------------------------
================================================================================
php-doctrine-doctrine-cache-bundle-1.3.0-1.fc23 (FEDORA-2016-5db095b1a3)
Symfony2 Bundle for Doctrine Cache
--------------------------------------------------------------------------------
Update Information:
### 1.3.0 * Added apcu driver * Added predis driver * Fixed mangling issue with
memcache driver * Reorganized documentation * Added persistent id to memcache
driver ### 1.2.2 * Made Symfony Security ACL an optional dependency ### 1.2.1
* Relaxed Symfony requirements allowing old installs ### 1.2.0 * Fixes
[#47](https://github.com/doctrine/DoctrineCacheBundle/pull/47)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1279828 - php-doctrine-doctrine-cache-bundle-1.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1279828
--------------------------------------------------------------------------------
================================================================================
plasma-workspace-5.5.5-5.fc23 (FEDORA-2016-c38859cb6a)
Plasma workspace, applications and applets
--------------------------------------------------------------------------------
Update Information:
- drop Requires: sddm-breeze (workaround for bug #1261034)
--------------------------------------------------------------------------------
================================================================================
proxytunnel-1.9.1-1.fc23 (FEDORA-2016-5b17da9f49)
Tool to tunnel a connection through an standard HTTP(S) proxy
--------------------------------------------------------------------------------
Update Information:
Update to current upstream release, and add support for modern TLS protocols,
needed to communicate with current Fedora mod_ssl default configurations.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1284776 - [PATCH] TLS Protocols not supported
https://bugzilla.redhat.com/show_bug.cgi?id=1284776
[ 2 ] Bug #1239800 - proxytunnel: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1239800
--------------------------------------------------------------------------------
================================================================================
python-wikitcms-2.1.4-1.fc23 (FEDORA-2016-cb0556c0f6)
Fedora QA wiki test management Python library
--------------------------------------------------------------------------------
Update Information:
This update provides the latest releases of [python-
wikitcms](https://www.happyassassin.net/wikitcms) and
[
fedfind](https://www.happyassassin.net/fedfind). The wikitcms release drops a
now-unneeded workaround for a missing PDC feature which was now implemented (and
enables tests in the package); the fedfind update *adds* a workaround for a
newly-discovered [PDC
issue](https://github.com/fedora-infra/pdc-
updater/issues/10) (ironically, along the same lines). This will fix an issue
with automated creation of release validation test events. It also restores
support for 'milestone' releases (i.e. Alphas and Betas).
--------------------------------------------------------------------------------
================================================================================
subscription-manager-1.17.4-1.fc23 (FEDORA-2016-b2c8c39135)
Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:
Bug fix for duplicate display of proxy configuration dialog in GUI.
--------------------------------------------------------------------------------
================================================================================
trustedqsl-2.2.1-1.fc23 (FEDORA-2016-9efd9bc50c)
TrustedQSL ham-radio applications
--------------------------------------------------------------------------------
Update Information:
TQSL changes Defects Corrected: When installing a .TQ6 file succeeded, TQSL
would delete any other certificate files for that callsign, under the assumption
that they were no longer needed. If an operator with a pending callsign
certificate request would then install a TQ6 file for their former callsign
certificate (one that was being renewed), the private key for the pending
renewal could be deleted. This would cause the subsequent TQ6 file to fail to
install. TQSL no longer deletes anything unless it can verfify on-line with LoTW
that the installed certificate is the current one. When uploading logs, TQSL
would always display the progress bar. This should not have been done when
signing via the command line when batch mode (-x or -q) was enabled. TQSL 2.2.1
no longer displays the progress bar for these operations. When using the
language selection dialog, TQSL could cause the main window to close and re-
appear on a different area of the screen. The window location is now preserved
when the language is changed. In addition, TQSL doesn't destroy and re-create
the main window when the language is not changed. Updating the LoTW
configuration file could fail if the user's home directory contained non-ASCII
characters (Windows only). TQSL now handles this properly for such users. TQSL
now ensures that the password prompt window appears on top of other windows when
a password is requested while signing a log. This will cause the main TQSL
window to appear along with the password prompt. No change will be seen if there
is no password set on the associated callsign certificate. TQSL would reject
Cabrillo "Light" mode QSOs (300 GHz) as having an invalid frequency. TQSL now
accepts these as valid. TQSL could misinterpret unrecognized ADIF MODE/SUBMODE
entries in an ADIF file by not using the user���s ADIF mode settings. TQSL now
will use the mode maps when a mode/submode is not recognized. There was a
defect on OSX that would cause an incorrect error message to be displayed when
an incorrect password was entered for a callsign certificate. TQSL now displays
an appropriate error message in this circumstance. Restoring an incorrect .TQ6
file when there was a pending callsign certificate request could cause the
pending request to be deleted. TQSL now rejects the invalid TQ6 file and takes
no other action. Major feature Additions: The callsign certificate properties
displays now include "Replaced" and "Expired" indicators. TQSL now
attempts to
cleanly close out the duplicates database when the window is closed while a
signing operation is underway. TQSL now allows an alternate layout for the user
interface that moves the status log to a separate tab. This is useful for users
with long lists of station locations or callsign certificates. The TQSL
duplicate QSO tracking was updated to allow reporting of station location
changes when the same QSO is signed from more than one station location. This
makes it less likely that an operator will mistakenly re-upload an already QSLd
contact with incorrect station location information. The TQSL ADIF editor was
updated to automatically select the appropriate band when a frequency is
entered.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1304113 - trustedqsl-2.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1304113
--------------------------------------------------------------------------------
================================================================================
uispec4j-2.5-0.2.20150412gitfdc0b42.fc23 (FEDORA-2016-c44e5407a7)
Java/Swing GUI testing made simple
--------------------------------------------------------------------------------
Update Information:
initial package, rhbz#1305650
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305650 - Review Request: uispec4j - Java/Swing GUI testing made simple
https://bugzilla.redhat.com/show_bug.cgi?id=1305650
--------------------------------------------------------------------------------
================================================================================
xen-4.5.3-1.fc23 (FEDORA-2016-e5432ca977)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
update to 4.5.3
--------------------------------------------------------------------------------