The following Fedora 23 Security updates need testing:
Age URL
155
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
113
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
86
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
37
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
36
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
25
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-97002ad37b
rubygem-actionview-4.2.3-3.fc23
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f486068393
rubygem-actionpack-4.2.3-4.fc23
21
https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb4d6e8aab
rubygem-activemodel-4.2.3-2.fc23
21
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ede04cd79
rubygem-activesupport-4.2.3-3.fc23
21
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc465a34df
rubygem-activerecord-4.2.3-2.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-59ce8b61dd
rubygem-rails-html-sanitizer-1.0.3-1.fc23
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-40401300ed
389-ds-base-1.3.4.8-1.fc23
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-65a1f22818
community-mysql-5.6.29-1.fc23
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-94b0b50351 gummi-0.6.6-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ba6fd98830
jabberd-2.3.3-7.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-65b7608d8b okhttp-2.7.4-1.fc23
okio-1.6.0-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e48f4bd14f xen-4.5.2-8.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec8b4ce774
kernel-4.4.2-300.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
25
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-054e18a33d
htdig-3.2.0-0.23.b6.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ce8624a6c
selinux-policy-3.13.1-158.7.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dde5e377c
lxsession-0.5.2-8.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ec8b4ce774
kernel-4.4.2-300.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2400dcd3d1
virtuoso-opensource-6.1.6-10.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e7e8a7d33a
gnupg2-2.1.11-1.fc23
The following builds have been pushed to Fedora 23 updates-testing
0install-2.11-1.fc23
bwm-ng-0.6.1-2.fc23
cross-binutils-2.26-6.fc23
docker-1.10.2-1.git86e59a5.fc23
dtv-scan-tables-1-1.20160106git9d6094a7c41e.fc23
easytag-2.4.2-1.fc23
gambit-c-4.8.4-1.fc23
gnupg2-2.1.11-1.fc23
mkvtoolnix-8.9.0-1.fc23
nmh-1.6-6.fc23
perl-DBD-SQLite-1.48-4.fc23
perl-Module-CoreList-5.20160121-1.fc23
perl-MooseX-App-1.34-1.fc23
pgadmin3-1.22.1-1.fc23
php-mock-1.0.1-2.fc23
php-nette-2.3.9-1.fc23
php-nette-caching-2.3.5-1.fc23
php-tracy-2.3.9-1.fc23
postfix-3.0.4-1.fc23
rebase-helper-0.7.1-1.fc23
roxterm-3.3.2-1.fc23
salt-2015.5.9-4.fc23
shogun-4.1.0-1.fc23
shogun-data-0.10-1.fc23
yad-0.34.0-1.fc23
Details about builds:
================================================================================
0install-2.11-1.fc23 (FEDORA-2016-7d842c8284)
A decentralized cross-distribution software installation system
--------------------------------------------------------------------------------
Update Information:
- Upstream update to 2.11. - Exclude ppc64le and ppc
--------------------------------------------------------------------------------
================================================================================
bwm-ng-0.6.1-2.fc23 (FEDORA-2016-9f76cf19e6)
Bandwidth Monitor NG
--------------------------------------------------------------------------------
Update Information:
New upstream release removing the dependency on libstatgrab.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308798 - Please update to v0.6.1
https://bugzilla.redhat.com/show_bug.cgi?id=1308798
--------------------------------------------------------------------------------
================================================================================
cross-binutils-2.26-6.fc23 (FEDORA-2016-48f4d42d63)
A GNU collection of cross-compilation binary utilities
--------------------------------------------------------------------------------
Update Information:
Update to binutils-2.26-12. This brings with it plugin support which permits
this binutils to be used with LTO support from current cross-gcc. ---- Update
to latest binutils package and fix the bits that cause compilation failures with
gcc-6. Further, drop sh-elf support from the SH binutils to solve the problem
with binutils being unable to determine whether to use the elf32-sh-linux or the
elf32-shl format to decode a binary (#1296814).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296814 - sh binutils: Matching formats: elf32-sh-linux elf32-shl
https://bugzilla.redhat.com/show_bug.cgi?id=1296814
--------------------------------------------------------------------------------
================================================================================
docker-1.10.2-1.git86e59a5.fc23 (FEDORA-2016-f9d972be2c)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built docker @projectatomic/fedora-1.10.2 commit#86e59a5 ---- rebuilt with
seccomp enabled ---- built docker @projectatomic/fedora-1.10.1 commit#6c71d8f
---- built docker @projectatomic/fedora-1.10.1 commit#6c71d8f ---- rebuilt,
no change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1289851 - Docker.service does not require docker.socket which can lead to
Docker crash when docker.sock is host mounted
https://bugzilla.redhat.com/show_bug.cgi?id=1289851
[ 2 ] Bug #1254694 - "man docker-login" incorrectly claims that you can
"docker login" to Docker Hub as non-root user
https://bugzilla.redhat.com/show_bug.cgi?id=1254694
--------------------------------------------------------------------------------
================================================================================
dtv-scan-tables-1-1.20160106git9d6094a7c41e.fc23 (FEDORA-2016-fc3d90e4ba)
Digital TV scan tables
--------------------------------------------------------------------------------
Update Information:
Update DTV channel tables to sync with upstream additions
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 21 2016 Mauro Carvalho Chehab <m.chehab(a)samsung.com> -
1-1.20160106git9d6094a7c41e
- Update to the latest release
* Wed Jan 6 2016 Ville Skytt�� <ville.skytta(a)iki.fi> - 1-3.20151108gitfe6079b60c6b
- Update to 2015-11-08-fe6079b60c6b, ship COPYING* as %license
--------------------------------------------------------------------------------
================================================================================
easytag-2.4.2-1.fc23 (FEDORA-2016-2a764dcf9f)
Tag editor for MP3, Ogg, FLAC and other music files
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.2
--------------------------------------------------------------------------------
================================================================================
gambit-c-4.8.4-1.fc23 (FEDORA-2016-e959d30112)
Scheme programming system
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. Temporarily not available on ARMv7HL due to a
bug in displaying scientific notation numbers (#1310438)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1307519 - gambit-c: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1307519
[ 2 ] Bug #1267410 - gambit-c-v4.8.4-bootstrap is available
https://bugzilla.redhat.com/show_bug.cgi?id=1267410
--------------------------------------------------------------------------------
================================================================================
gnupg2-2.1.11-1.fc23 (FEDORA-2016-e7e8a7d33a)
Utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing minor bugs and adding enhancements.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1193725 - gnupg2-2.1.x keyring conversions sometimes fail
https://bugzilla.redhat.com/show_bug.cgi?id=1193725
--------------------------------------------------------------------------------
================================================================================
mkvtoolnix-8.9.0-1.fc23 (FEDORA-2016-4c87a9e11f)
Matroska container manipulation utilities
--------------------------------------------------------------------------------
Update Information:
* MKVToolNix GUI: the default font size adjustment has been deactivated for the
time being as it causes problems on high DPI displays. See #1602. * MKVToolNix
GUI: bug fix: ampersands (&) in file names were shown as keyboard shortcuts in
tab titles in various tools (merge tool, chapter and header editors, job output
tool). Fixes #1603. * MKVToolNix GUI: header editor enhancement: when the user
drags & drops files on an open header editor tab the GUI will ask the user what
to do with them: either open the files as new header editor tabs or add the
files as new attachments to the current tab. The action can also be set as the
default. Implements #1585. * MKVToolNix GUI: chapter & header editor
enhancement: Matroska files are initially opened in read-only mode and only
later re-opened in read/write mode in order to enable reading from write-
protected files. Part of the implementation of #1594. * MKVToolNix GUI: chapter
& header enhancement: the error messages shown when a Matroska file could not be
parsed have been improved to include the most likely reasons. Part of the
implementation of #1594. * MKVToolNix GUI: chapter editor enhancement: added a
menu entry for removing chapters from an existing Matroska file. Inspired by
#1593. * MKVToolNix GUI: chapter editor enhancement: it is now possible to save
chapters to Matroska files after having removed all entries (editions and
chapter atoms). This effectively removes the chapters from the file. Implements
#1593. * MKVToolNix GUI: job queue enhancement: added keyboard shortcuts for
removing all completed jobs and for removing successfully completed jobs.
Implements #1599. * MKVToolNix GUI: merge tool enhancement: added icons to the
context menu actions in the "attachments" sub-tab. Implements #1596. *
MKVToolNix GUI: merge tool enhancement: made the context menu entries in the
"attachments" sub-tab clearer. Implements #1597. * mkvmerge: bug fix: fixed the
handling of AVIs with a negative video height (which signals that the rows are
arranged top-to-bottom). * MKVToolNix GUI: job queue bug fix: fixed an invalid
memory access in the "edit in corresponding tool and remove from queue"
functionality. * MKVToolNix GUI: re-write, merge tool bug fix: the file
identification is now based on mkvmerge's JSON output instead of its verbose
output. This also fixes the merge tool not showing names of attachments inside
Matroska files properly if those names contain spaces (#1583). * MKVToolNix GUI:
merge tool bug fix: the "mux this" combo box was disabled if a single
attachment
was selected. * mkvmerge: bug fix: removed spurious output generated during file
identification in the HEVC detection code (e.g. "Error No Error"). * mkvmerge:
bug fix: fixed the output of the "playlist_file" and "other_file"
properties of
the "container" entity in the JSON identification format from a single string
to
an array of strings. The format version has been bumped to 3 due to this change.
* docs: added a Polish translation of the man pages by Daniel Kluz (see
AUTHORS). * MKVToolNix GUI: "run program after XYZ" enhancement: configurations
can now be deactivated without having to change them. Implements #1581. *
mkvmerge: bug fix: fixed parsing of AAC in MP4 with a program config element
with an empty comment field at the end of the GA specific config. Fixes #1578. *
mkvmerge: enhancement: when reading Matroska files created by HandBrake that
contain chapters the existing edition UIDs and chapter UIDs are removed and
random ones created. This is necessary as HandBrake assigns sequential numbers
starting at 1 for each file. Therefore there are two chapter entries with the
UID 1, two with the UID 2 etc. and those should, strictly speaking, be treated
as if they were a single chapter whereas the user expects those entries to stay
separate entries. Implements an improvement for issues such as #1561. *
MKVToolNix GUI: merge tool bug fix: the GUI no longer requires at least one
source file to be present before muxing can start in order to allow creation of
track-less files. Fixes #1576. * MKVToolNix GUI: enhancement: the "escape for
Windows' cmd.exe" mechanism will only escape arguments that actually need
escaping in order to produce easier to read command lines. * mkvmerge:
QuickTime/MP4 reader: fix a division by zero in the index generation for certain
old audio codecs that have certain header fields (bytes_per_frame,
samples_per_packet) set to 0. * mkvinfo: bug fix: global elements (EBML void and
CRC-32 elements) are now handled correctly if they're located inside the segment
info or the chapter translate parents.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310480 - mkvtoolnix-8.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310480
--------------------------------------------------------------------------------
================================================================================
nmh-1.6-6.fc23 (FEDORA-2016-364d084d97)
A capable mail handling system with a command line interface
--------------------------------------------------------------------------------
Update Information:
Added build dependency on w3m, and changed Requires to be on that package.
--------------------------------------------------------------------------------
================================================================================
perl-DBD-SQLite-1.48-4.fc23 (FEDORA-2016-0e67ba6792)
SQLite DBI Driver
--------------------------------------------------------------------------------
Update Information:
This release adapts to disabled FTS3 tokenizer in sqlite-3.11.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1309675 - perl-DBD-SQLite-1.50-1.fc24 FTBFS: t/43_fts3.t test fails
https://bugzilla.redhat.com/show_bug.cgi?id=1309675
--------------------------------------------------------------------------------
================================================================================
perl-Module-CoreList-5.20160121-1.fc23 (FEDORA-2016-4753d509c1)
What modules are shipped with versions of perl
--------------------------------------------------------------------------------
Update Information:
This release provides data for perl 5.23.8.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310412 - perl-Module-CoreList-5.20160121 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310412
--------------------------------------------------------------------------------
================================================================================
perl-MooseX-App-1.34-1.fc23 (FEDORA-2016-ff70e06a4c)
Write user-friendly command line apps with even less suffering
--------------------------------------------------------------------------------
Update Information:
A new version of MooseX-App is available. See
http://cpansearch.perl.org/src/MAROS/MooseX-App-1.34/Changes for the summary of
changes in this release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310479 - perl-MooseX-App-1.34 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310479
--------------------------------------------------------------------------------
================================================================================
pgadmin3-1.22.1-1.fc23 (FEDORA-2016-390ea81769)
Graphical client for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Update to 1.22.1
--------------------------------------------------------------------------------
================================================================================
php-mock-1.0.1-2.fc23 (FEDORA-2016-e1c6e043cf)
PHP-Mock can mock built-in PHP functions
--------------------------------------------------------------------------------
Update Information:
PHP-Mock can mock built-in PHP functions (e.g. time()). PHP-Mock relies on PHP's
namespace fallback policy. No further extension is needed. Autoloader:
/usr/share/php/phpmock/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1306968 - Review Request: php-mock - PHP-Mock can mock built-in PHP
functions
https://bugzilla.redhat.com/show_bug.cgi?id=1306968
--------------------------------------------------------------------------------
================================================================================
php-nette-2.3.9-1.fc23 (FEDORA-2016-ab6c547355)
Nette Framework
--------------------------------------------------------------------------------
Update Information:
Nette Framework is a popular tool for PHP web development It is designed to be
as usable and as friendly as possible. It focuses on security and performance
and is definitely one of the safest PHP frameworks. Nette Framework speaks your
language and helps you to easily build better websites. Cache accelerates your
application by storing data, once hardly retrieved, for future use. To use this
library, you just have to add, in your project: require_once
'/usr/share/php/Nette/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277484 - Review Request: php-nette - Nette Framework
https://bugzilla.redhat.com/show_bug.cgi?id=1277484
--------------------------------------------------------------------------------
================================================================================
php-nette-caching-2.3.5-1.fc23 (FEDORA-2016-63a186bf54)
Nette Caching Component
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.5** * added NewMemcachedStorage using memcached
extension #38 * CacheMacro: better error message
--------------------------------------------------------------------------------
================================================================================
php-tracy-2.3.9-1.fc23 (FEDORA-2016-e976b3feff)
Tracy: useful PHP debugger
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.9** * bar.js: MouseEvent.buttons is not supported by
Safari #134 * Dumper: support for general object exporter which is called for
every object * Dumper: object exporters are called in order from most
specific to general * Debugger: removes output buffer for Bar, Bluescreen and
production error. It decides whether clean or flush output buffers. * Dumper:
variable term=xterm-256color enables colors ---- **Released version 2.3.8**
* added Debugger::$showBar, can disable debug bar #132 #83 #82 *
Bluescreen: link to google opens in new window * Bar: add xdebug version to
info panel * Dumper::encodeString() is independent on iconv #126 * Dumper:
fixed dumping INF in PHP 7.0.2
--------------------------------------------------------------------------------
================================================================================
postfix-3.0.4-1.fc23 (FEDORA-2016-ee114777ec)
Postfix Mail Transport Agent
--------------------------------------------------------------------------------
Update Information:
This is new version of postfix, minor bugfix release, for details see upstream
announcement:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310481 - postfix-3.0.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310481
--------------------------------------------------------------------------------
================================================================================
rebase-helper-0.7.1-1.fc23 (FEDORA-2016-6de00f0e68)
The tool which helps you with rebase package
--------------------------------------------------------------------------------
Update Information:
New upstream version 0.7.1 (#1310640) ---- new upstream release 0.7.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310640 - rebase-helper-0.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310640
[ 2 ] Bug #1298403 - rebase-helper-0.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298403
--------------------------------------------------------------------------------
================================================================================
roxterm-3.3.2-1.fc23 (FEDORA-2016-40c7315bf3)
A fast terminal emulator
--------------------------------------------------------------------------------
Update Information:
== Version 3.3.2 == * Document shortcuts quirk re Debian bug #809719 * Fade
text and bg colour labels along with buttons * Update New Window/Tab With
Profile submenus (bug #121) * Fixed ssh port number in config ui (bug #120) *
Fixed configure --disable-nls == Version 3.3.1 == * Only warn about closing
shells with child procs * Fixed colour palette radio grouping * Don't
recalculate size in "window-resize" handler * Use new vte API for checking URL
matches == Version 3.2.1 == * Use vte 0.40's new word chars API
--------------------------------------------------------------------------------
================================================================================
salt-2015.5.9-4.fc23 (FEDORA-2016-04fd54c536)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Updated dnf patch ---- Corrected Requires for salt-syndic package
--------------------------------------------------------------------------------
================================================================================
shogun-4.1.0-1.fc23 (FEDORA-2016-e2fbe00070)
Large Scale Machine Learning Toolbox
--------------------------------------------------------------------------------
Update Information:
* new upstream release (#1306079) * fix build/testsuite with gcc 6.0.0
(#1308270)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308270 - shogun: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1308270
[ 2 ] Bug #1306079 - shogun-4.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1306079
--------------------------------------------------------------------------------
================================================================================
shogun-data-0.10-1.fc23 (FEDORA-2016-e2fbe00070)
Data-files for the SHOGUN machine learning toolbox
--------------------------------------------------------------------------------
Update Information:
* new upstream release (#1306079) * fix build/testsuite with gcc 6.0.0
(#1308270)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308270 - shogun: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1308270
[ 2 ] Bug #1306079 - shogun-4.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1306079
--------------------------------------------------------------------------------
================================================================================
yad-0.34.0-1.fc23 (FEDORA-2016-4f6cd157d0)
Display graphical dialogs from shell scripts or command line
--------------------------------------------------------------------------------
Update Information:
update to 0.34.0 ---- Update to yad-0.33.1 ---- update to 0.33.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310485 - yad-0.34.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310485
[ 2 ] Bug #1297601 - yad-0.33.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1297601
[ 3 ] Bug #1296780 - yad-0.33.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296780
--------------------------------------------------------------------------------