The following Fedora 23 Security updates need testing:
Age URL
252
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
210
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
183
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
133
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
133
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
98
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
53
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7
optipng-0.7.6-1.fc23
17
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940
squid-3.5.10-4.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9dbd6d339
openslp-2.0.0-8.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06f1572324
kernel-4.5.5-201.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d94300845b
compat-nettle27-2.7.1-2.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-07eca37ea0 qemu-2.4.1-10.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5cdae8c6f
docker-1.10.3-21.git8ecd47f.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815
phpMyAdmin-4.6.2-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1df5311c4
libusbmuxd-1.0.10-5.fc23 libimobiledevice-1.2.0-7.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-396403ec02
roundcubemail-1.2.0-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d3fe9914b xen-4.5.3-6.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-728a7def67
pungi-4.0.15-2.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9dbd6d339
openslp-2.0.0-8.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06f1572324
kernel-4.5.5-201.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1df5311c4
libusbmuxd-1.0.10-5.fc23 libimobiledevice-1.2.0-7.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-449e3091b8 parted-3.2-19.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-525d233f86 krb5-1.14.1-6.fc23
The following builds have been pushed to Fedora 23 updates-testing
atoum-2.7.0-1.fc23
chck-0-1.20160408git5275403.fc23
edgar-1.24-1.fc23
knot-2.2.0-3.fc23
pcsc-cyberjack-3.99.5final.SP09-1.fc23
php-bartlett-php-compatinfo-db-1.9.0-1.fc23
python-hypothesis-3.4.0-1.fc23
xemacs-21.5.34-13.20160507hgd5b51c618ef8.fc23
xen-4.5.3-6.fc23
Details about builds:
================================================================================
atoum-2.7.0-1.fc23 (FEDORA-2016-0fa7d01b99)
PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.0** - 2016-06-20 *
[#594](https://github.com/atoum/atoum/pull/594) Add telemtry report to CI builds
([jubianchi]) * [#600](https://github.com/atoum/atoum/pull/600) Reports override
correctly when using -ulr/-utr ([jubianchi]) *
[#593](https://github.com/atoum/atoum/pull/593) Assertions on PHP 7
exceptions/throwables/errors are now working correctly ([jubianchi])
--------------------------------------------------------------------------------
================================================================================
chck-0-1.20160408git5275403.fc23 (FEDORA-2016-76b4bb7ce6)
Collection of C utilities
--------------------------------------------------------------------------------
Update Information:
Update to more recent git commit
--------------------------------------------------------------------------------
================================================================================
edgar-1.24-1.fc23 (FEDORA-2016-ff1aa72099)
A platform game
--------------------------------------------------------------------------------
Update Information:
* Updated Brazilian Portuguese and German translations * The ice blocks dropped
by the large blue book's third form now shatter if they land on lifts
--------------------------------------------------------------------------------
================================================================================
knot-2.2.0-3.fc23 (FEDORA-2016-f71bc54b51)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
Fix default configuration file.
--------------------------------------------------------------------------------
================================================================================
pcsc-cyberjack-3.99.5final.SP09-1.fc23 (FEDORA-2016-e144c413e3)
PC/SC driver for REINER SCT cyberjack USB chip card reader
--------------------------------------------------------------------------------
Update Information:
New upstream, which fixes an usb-bug. Gui finally removed by upstream, was not
build/packaged anyway. The cyberjack binary, used for troubleshooting the
install, was also removed upstream.
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.9.0-1.fc23 (FEDORA-2016-5f439c9379)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.9.0** - 2016-05-27 - Support to PHP 7.0.7 - Support to PHP 5.6.22 -
Support to PHP 5.5.36
--------------------------------------------------------------------------------
================================================================================
python-hypothesis-3.4.0-1.fc23 (FEDORA-2016-e575907560)
A library for property based testing
--------------------------------------------------------------------------------
Update Information:
Latest release, see
https://hypothesis.readthedocs.io/en/latest/changes.html for
changelog
--------------------------------------------------------------------------------
================================================================================
xemacs-21.5.34-13.20160507hgd5b51c618ef8.fc23 (FEDORA-2016-61b5826385)
Different version of Emacs
--------------------------------------------------------------------------------
Update Information:
This update fixes a problem that prevents M-x shell from working under tcsh.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222897 - Warning: no access to tty (Inappropriate ioctl for device). When
opening a shell
https://bugzilla.redhat.com/show_bug.cgi?id=1222897
[ 2 ] Bug #1260785 - TCSH shells have process control problems in Xemacs
https://bugzilla.redhat.com/show_bug.cgi?id=1260785
--------------------------------------------------------------------------------
================================================================================
xen-4.5.3-6.fc23 (FEDORA-2016-8d3fe9914b)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
cleaner way to set kernel module load list Unrestricted qemu logging [XSA-180,
CVE-2014-3672] (#1339125) Qemu: scsi: esp: OOB write while writing to
's->cmdbuf' in esp_reg_write [CVE-2016-4439] (#1337502) Qemu: scsi: esp: OOB
write while writing to 's->cmdbuf' in get_cmd [CVE-2016-4441] (#1337505) Qemu:
scsi: megasas: out-of-bounds write while setting controller properties
[CVE-2016-5106] (#1339578) Qemu: scsi: megasas: stack information leakage while
reading configuration [CVE-2016-5105] (#1339583)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1337502 - CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to
's->cmdbuf' in esp_reg_write
https://bugzilla.redhat.com/show_bug.cgi?id=1337502
[ 2 ] Bug #1337505 - CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to
's->cmdbuf' in get_cmd
https://bugzilla.redhat.com/show_bug.cgi?id=1337505
[ 3 ] Bug #1339578 - CVE-2016-5106 Qemu: scsi: megasas: out-of-bounds write while
setting controller properties
https://bugzilla.redhat.com/show_bug.cgi?id=1339578
[ 4 ] Bug #1339583 - CVE-2016-5105 Qemu: scsi: megasas: stack information leakage while
reading configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1339583
[ 5 ] Bug #1339123 - CVE-2014-3672 xen: Unrestricted qemu logging
https://bugzilla.redhat.com/show_bug.cgi?id=1339123
--------------------------------------------------------------------------------