The following Fedora 23 Security updates need testing:
Age URL
123
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
81
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
54
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
45
https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276
php-PHPMailer-5.2.14-1.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5a5fb196f cgit-0.12-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4556904561
gsi-openssh-7.1p2-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1c10ab3c35
moodle-2.9.4-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b59fd603be
kernel-4.3.3-303.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2c15b72b01 xen-4.5.2-7.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3517b9c4c
bind-9.10.3-10.P3.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-feb8d77f36
bind99-9.9.8-2.P3.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7726a100eb
webkitgtk4-2.10.5-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-946b98126d
java-1.8.0-openjdk-1.8.0.71-1.b15.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8bb1932088
ntp-4.2.6p5-36.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6a0b0ab775
chrony-2.1.1-2.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-42778e8c82 qemu-2.4.1-6.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-56454a26d9
evolution-mapi-3.18.4-1.fc23 evolution-ews-3.18.4-1.fc23 evolution-3.18.4-1.fc23
evolution-data-server-3.18.4-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a30f29f497
dmidecode-3.0-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-050cb4721e
baloo-widgets-15.12.1-1.fc23 dolphin-15.12.1-1.fc23 dolphin-plugins-15.12.1-1.fc23
kate-15.12.1-1.fc23 kio-extras-15.12.1-1.fc23 konsole5-15.12.1-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-45e2dc81ff
kde-baseapps-15.12.1-1.fc23 kde-runtime-15.12.1-1.fc23 kdelibs-4.14.16-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3517b9c4c
bind-9.10.3-10.P3.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b59fd603be
kernel-4.3.3-303.fc23
The following builds have been pushed to Fedora 23 updates-testing
ari-backup-1.0.12-1.fc23
awscli-1.9.21-1.fc23
baloo-widgets-15.12.1-1.fc23
bind-9.10.3-10.P3.fc23
bind99-9.9.8-2.P3.fc23
chrony-2.1.1-2.fc23
cockpit-0.92-1.fc23
compat-libuv010-0.10.34-4.fc23
cptutils-1.62-1.fc23
dleyna-renderer-0.5.0-3.fc23
dmidecode-3.0-1.fc23
dolphin-15.12.1-1.fc23
dolphin-plugins-15.12.1-1.fc23
dssp-2.2.1-7.fc23
enlightenment-0.20.3-1.fc23
freedv-1.1-4.fc23
gap-pkg-grape-4.7-1.fc23
gap-pkg-orb-4.7.5-1.fc23
golang-github-hashicorp-errwrap-0-0.1.git7554cd9.fc23
golang-github-hashicorp-go-cleanhttp-0-0.1.git5df5ddc.fc23
golang-github-hashicorp-go-immutable-radix-0-0.1.gitaca1bd0.fc23
gparted-0.25.0-1.fc23
greenisland-0.7.1-1.fc23
gstreamer1-1.6.3-1.fc23
gstreamer1-plugins-bad-free-1.6.3-1.fc23
gstreamer1-plugins-base-1.6.3-1.fc23
gstreamer1-plugins-good-1.6.3-1.fc23
gutenprint-5.2.11-1.fc23
haproxy-1.5.15-2.fc23
hawaii-shell-0.6.0-2.fc23
hawaii-workspace-0.5.0-2.fc23
java-1.8.0-openjdk-1.8.0.71-1.b15.fc23
kate-15.12.1-1.fc23
kde-baseapps-15.12.1-1.fc23
kde-runtime-15.12.1-1.fc23
kdelibs-4.14.16-1.fc23
kernel-4.3.3-303.fc23
kgpg-15.12.1-1.fc23
kio-extras-15.12.1-1.fc23
konsole5-15.12.1-1.fc23
libhawaii-0.6.0-1.fc23
libnatpmp-20150609-1.fc23
libvirt-1.2.18.2-2.fc23
lifeograph-1.3.0-1.fc23
mksh-52b-1.fc23
moodle-2.9.4-1.fc23
mozilla-requestpolicy-1.0-0.13.20160102gitc27c1f.fc23
ntp-4.2.6p5-36.fc23
nvme-cli-0.2-2.20160112gitbdbb4da.fc23
openscap-daemon-0.1.1-4.fc23
os-autoinst-4.3-4.fc23
osbs-client-0.16-1.fc23
perl-Module-CoreList-5.20160120-1.fc23
perl-Test-Run-CmdLine-0.0131-1.fc23
php-SymfonyCmfRouting-1.3.0-4.fc23
php-interfasys-lognormalizer-1.0-1.fc23
php-league-flysystem-1.0.16-1.fc23
php-mcnetic-zipstreamer-0.7-1.fc23
php-mtdowling-jmespath-php-2.3.0-1.fc23
php-nette-bootstrap-2.3.4-1.fc23
php-owncloud-tarstreamer-0.1-0.1.beta3.fc23
php-scssphp-0.4.0-1.fc23
python-botocore-1.3.21-1.fc23
python-inifile-0.3-2.fc23
python-polib-1.0.7-2.fc23
qbittorrent-3.3.3-1.fc23
qemu-2.4.1-6.fc23
qtlockedfile-2.4-20.20150629git5a07df5.fc23
qtsingleapplication-2.6.1-26.fc23
s3cmd-1.6.1-1.fc23
setroubleshoot-3.3.3-1.fc23
sssd-1.13.3-3.fc23
terminology-0.9.1-3.fc23
tn5250-0.17.4-14.fc23
transmission-2.84-10.fc23
unbound-1.5.7-2.fc23
webkitgtk4-2.10.5-1.fc23
xen-4.5.2-7.fc23
z3-4.4.1-2.fc23
Details about builds:
================================================================================
ari-backup-1.0.12-1.fc23 (FEDORA-2016-99417f6028)
A helpful wrapper around rdiff-backup
--------------------------------------------------------------------------------
Update Information:
Raise to version 1.0.12, a bugfix release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300515 - ari-backup-1.0.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300515
--------------------------------------------------------------------------------
================================================================================
awscli-1.9.21-1.fc23 (FEDORA-2016-b18ef77ed0)
Universal Command Line Environment for AWS
--------------------------------------------------------------------------------
Update Information:
Small update from upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297989 - awscli-1.9.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1297989
[ 2 ] Bug #1298925 - python-botocore-1.3.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298925
--------------------------------------------------------------------------------
================================================================================
baloo-widgets-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
Widgets for Baloo
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
bind-9.10.3-10.P3.fc23 (FEDORA-2016-f3517b9c4c)
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream version due to security fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300051 - CVE-2015-8704 CVE-2015-8705 bind: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1300051
--------------------------------------------------------------------------------
================================================================================
bind99-9.9.8-2.P3.fc23 (FEDORA-2016-feb8d77f36)
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) libraries
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream version due to security fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300052 - CVE-2015-8704 bind99: bind: specific APL data could trigger an
INSIST in apl_42.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1300052
--------------------------------------------------------------------------------
================================================================================
chrony-2.1.1-2.fc23 (FEDORA-2016-6a0b0ab775)
An NTP client/server
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-1567
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297472 - CVE-2016-1567 chrony: missing key check allows impersonation
between authenticated peers (VU#357792)
https://bugzilla.redhat.com/show_bug.cgi?id=1297472
--------------------------------------------------------------------------------
================================================================================
cockpit-0.92-1.fc23 (FEDORA-2016-4b50740597)
A user interface for Linux servers
--------------------------------------------------------------------------------
Update Information:
- * OAuth login support - * Update Patternfly - * Log to stderr when no journal
- * Make sosreport work on RHEL and Atomic
--------------------------------------------------------------------------------
================================================================================
compat-libuv010-0.10.34-4.fc23 (FEDORA-2016-b17cb1000e)
Platform layer for node.js - compatibility library for nodejs 0.10.x
--------------------------------------------------------------------------------
Update Information:
Fix typo in pkg-config file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300061 - compat-libuv010.pc contains an error in Cflags property
https://bugzilla.redhat.com/show_bug.cgi?id=1300061
--------------------------------------------------------------------------------
================================================================================
cptutils-1.62-1.fc23 (FEDORA-2016-a1ea591f35)
Utilities to manipulate and translate color gradients
--------------------------------------------------------------------------------
Update Information:
- added the cptpg program - removed border from svg previews
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300104 - cptutils-1.62 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300104
--------------------------------------------------------------------------------
================================================================================
dleyna-renderer-0.5.0-3.fc23 (FEDORA-2016-1bcefe5748)
Service for interacting with Digital Media Renderers
--------------------------------------------------------------------------------
Update Information:
This update adds a -devel subpackage to make it easier to build packages
depending on dleyna-renderer in jhbuild.
--------------------------------------------------------------------------------
================================================================================
dmidecode-3.0-1.fc23 (FEDORA-2016-a30f29f497)
Tool to analyse BIOS DMI data
--------------------------------------------------------------------------------
Update Information:
dmidecode v3 patched up to commit e5c73239404
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1259709 - dmidecode-3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1259709
[ 2 ] Bug #1198637 - Invoking `dmidecode` results in: /sys/firmware/efi/systab: SMBIOS
entry point missing
https://bugzilla.redhat.com/show_bug.cgi?id=1198637
--------------------------------------------------------------------------------
================================================================================
dolphin-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
KDE File Manager
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
dolphin-plugins-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
Dolphin plugins for revision control systems
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
dssp-2.2.1-7.fc23 (FEDORA-2016-3eb79d5265)
Protein secondary structure assignment
--------------------------------------------------------------------------------
Update Information:
Avoid compiler ICE on ppc64le (#1280387)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1280387 - [dssp]: remove hardcoded -O3 from makefile
https://bugzilla.redhat.com/show_bug.cgi?id=1280387
--------------------------------------------------------------------------------
================================================================================
enlightenment-0.20.3-1.fc23 (FEDORA-2016-55abdf51ca)
Enlightenment window manager
--------------------------------------------------------------------------------
Update Information:
- update to 0.20.3
--------------------------------------------------------------------------------
================================================================================
freedv-1.1-4.fc23 (FEDORA-2016-3a8343a0e9)
FreeDV Digital Voice
--------------------------------------------------------------------------------
Update Information:
Initial package release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1278638 - Review Request: freedv - FreeDV Digital Voice
https://bugzilla.redhat.com/show_bug.cgi?id=1278638
--------------------------------------------------------------------------------
================================================================================
gap-pkg-grape-4.7-1.fc23 (FEDORA-2016-98a7d27459)
GRaph Algorithms using PErmutation groups
--------------------------------------------------------------------------------
Update Information:
This release includes upstream support for bliss, instead of nauty, as well as a
test suite.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1299447 - gap-pkg-grape-4.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299447
--------------------------------------------------------------------------------
================================================================================
gap-pkg-orb-4.7.5-1.fc23 (FEDORA-2016-40a7231549)
Methods to enumerate orbits in GAP
--------------------------------------------------------------------------------
Update Information:
gap-pkg-orb-4.7.5-1.fc23: - Add a hash function for blists - Technical change:
orbit objects are not collections anymore (fixes issue #10, where sometimes \in
returned wrong results for orbits) - Improve test suite
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300480 - gap-pkg-orb-v4.7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300480
--------------------------------------------------------------------------------
================================================================================
golang-github-hashicorp-errwrap-0-0.1.git7554cd9.fc23 (FEDORA-2016-571cdfffdc)
Errwrap is a Go (golang) library for wrapping and querying errors
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
================================================================================
golang-github-hashicorp-go-cleanhttp-0-0.1.git5df5ddc.fc23 (FEDORA-2016-8e197296b5)
Functions for accessing "clean" Go http.Client values
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
================================================================================
golang-github-hashicorp-go-immutable-radix-0-0.1.gitaca1bd0.fc23
(FEDORA-2016-a65fddd4de)
An immutable radix tree implementation in Golang
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
================================================================================
gparted-0.25.0-1.fc23 (FEDORA-2016-2a473b7a76)
Gnome Partition Editor
--------------------------------------------------------------------------------
Update Information:
Update to 0.25.0; Enhancements and bugfixes
--------------------------------------------------------------------------------
================================================================================
greenisland-0.7.1-1.fc23 (FEDORA-2016-5f1e4c95a4)
QtQuick-based Wayland compositor in library form
--------------------------------------------------------------------------------
Update Information:
Hawaii update
--------------------------------------------------------------------------------
================================================================================
gstreamer1-1.6.3-1.fc23 (FEDORA-2016-d7ec567463)
GStreamer streaming media framework runtime
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.3
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-bad-free-1.6.3-1.fc23 (FEDORA-2016-dd20114fea)
GStreamer streaming media framework "bad" plugins
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.3
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-base-1.6.3-1.fc23 (FEDORA-2016-3f08cfce2b)
GStreamer streaming media framework base plugins
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.3
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-good-1.6.3-1.fc23 (FEDORA-2016-ecc45849f0)
GStreamer plugins with good code and licensing
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.3
--------------------------------------------------------------------------------
================================================================================
gutenprint-5.2.11-1.fc23 (FEDORA-2016-2129dfb267)
Printer Drivers Package
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
================================================================================
haproxy-1.5.15-2.fc23 (FEDORA-2016-676b13b781)
HAProxy reverse proxy for high availability environments
--------------------------------------------------------------------------------
Update Information:
Extend default max hostname length to 64 and beyond
--------------------------------------------------------------------------------
================================================================================
hawaii-shell-0.6.0-2.fc23 (FEDORA-2016-5f1e4c95a4)
Hawaii shell for desktop, netbook and tablet
--------------------------------------------------------------------------------
Update Information:
Hawaii update
--------------------------------------------------------------------------------
================================================================================
hawaii-workspace-0.5.0-2.fc23 (FEDORA-2016-7300683b52)
Hawaii workspace, applications and plugins
--------------------------------------------------------------------------------
Update Information:
New hawaii-workspace package
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.71-1.b15.fc23 (FEDORA-2016-946b98126d)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
security update to CPU 19.1.2016 to u71b15
--------------------------------------------------------------------------------
================================================================================
kate-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
Advanced Text Editor
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
kde-baseapps-15.12.1-1.fc23 (FEDORA-2016-45e2dc81ff)
KDE Core Applications
--------------------------------------------------------------------------------
Update Information:
KDE4 Core/Runtime components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
kde-runtime-15.12.1-1.fc23 (FEDORA-2016-45e2dc81ff)
KDE Runtime
--------------------------------------------------------------------------------
Update Information:
KDE4 Core/Runtime components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
kdelibs-4.14.16-1.fc23 (FEDORA-2016-45e2dc81ff)
KDE Libraries
--------------------------------------------------------------------------------
Update Information:
KDE4 Core/Runtime components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
kernel-4.3.3-303.fc23 (FEDORA-2016-b59fd603be)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Backported i915, networking, and nouveau fixes tagged for stable from 4.4
upstream. Assorted fixes elsewhere. ---- A few bug fixes and backports of all
the i915 patches queued for stable from 4.4. ---- A number of fixes across the
tree
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297475 - CVE-2016-0728 kernel: Possible use-after-free vulnerability in
keyring facility
https://bugzilla.redhat.com/show_bug.cgi?id=1297475
[ 2 ] Bug #1296466 - CVE-2015-7566 kernel: Crash on invalid USB device descriptors in
visor driver
https://bugzilla.redhat.com/show_bug.cgi?id=1296466
[ 3 ] Bug #1284847 - CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1284847
--------------------------------------------------------------------------------
================================================================================
kgpg-15.12.1-1.fc23 (FEDORA-2016-5716086d21)
Manage GPG encryption keys
--------------------------------------------------------------------------------
Update Information:
Latest stable/bugfix upstream release as part of
https://www.kde.org/announcements/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1285296 - update-desktop-database reports error about kgpg desktop file
https://bugzilla.redhat.com/show_bug.cgi?id=1285296
--------------------------------------------------------------------------------
================================================================================
kio-extras-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
Additional components to increase the functionality of KIO Framework
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
konsole5-15.12.1-1.fc23 (FEDORA-2016-050cb4721e)
KDE Terminal emulator
--------------------------------------------------------------------------------
Update Information:
Core KDE Applications components as part of
http://www.kde.org/announcements
/announce-applications-15.12.1.php
--------------------------------------------------------------------------------
================================================================================
libhawaii-0.6.0-1.fc23 (FEDORA-2016-5f1e4c95a4)
Core share library for Hawaii desktop suite
--------------------------------------------------------------------------------
Update Information:
Hawaii update
--------------------------------------------------------------------------------
================================================================================
libnatpmp-20150609-1.fc23 (FEDORA-2016-7fb3ad6fe3)
Library of The NAT Port Mapping Protocol (NAT-PMP)
--------------------------------------------------------------------------------
Update Information:
Update libnatpmp to support unbundling it from transmission. Patch transmission
gtk interface glitch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1288861 - Transmission interface glitch
https://bugzilla.redhat.com/show_bug.cgi?id=1288861
[ 2 ] Bug #1264292 - Unbundle libnatpmp
https://bugzilla.redhat.com/show_bug.cgi?id=1264292
[ 3 ] Bug #1229934 - libnatpmp-20150609 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1229934
--------------------------------------------------------------------------------
================================================================================
libvirt-1.2.18.2-2.fc23 (FEDORA-2016-02dc87c44e)
Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:
* Fix XML validation with qemu commandline passthrough (bz #1292131) * Fix crash
in libvirt_leasehelper (bz #1202350) * Generate consistent systemtap tapsets
regardless of host arch (bz #1173641) * Fix qemu:///session error 'Transport
endpoint is not connected' (bz #1271183) * Fix parallel VM start/top svirt
errors on kernel/initrd (bz #1269975)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1202350 - [abrt] libvirt-daemon-driver-network: virJSONValueToStringOne():
libvirt_leaseshelper killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1202350
[ 2 ] Bug #1173641 - file /usr/share/systemtap/tapset/libvirt_functions.stp conflicts
between attempted installs of libvirt-client-1.2.9.1-2.fc21.i686 and
libvirt-client-1.2.9.1-2.fc21.x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1173641
[ 3 ] Bug #1271183 - XML-RPC error : Cannot write data: Transport endpoint is not
connected
https://bugzilla.redhat.com/show_bug.cgi?id=1271183
[ 4 ] Bug #1269975 - svirt very occasionally prevents parallel libvirt access to
'kernel' file
https://bugzilla.redhat.com/show_bug.cgi?id=1269975
--------------------------------------------------------------------------------
================================================================================
lifeograph-1.3.0-1.fc23 (FEDORA-2016-8e530824c8)
A diary program
--------------------------------------------------------------------------------
Update Information:
Update to new release 1.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298699 - update to 1.3.0
https://bugzilla.redhat.com/show_bug.cgi?id=1298699
--------------------------------------------------------------------------------
================================================================================
mksh-52b-1.fc23 (FEDORA-2016-d791539d46)
MirBSD enhanced version of the Korn Shell
--------------------------------------------------------------------------------
Update Information:
mksh R52b ========= R52b is a strongly recommended bugfix-only release: *
Recognise ksh93 compiled scripts and LZIP compressed files as binary (i.e. to
not run as mksh plaintext script) * Document that we will implement locale
tracking later * Add EEXIST to failback strerror(3) * Make set -C; :>foo race-
free * Don���t use unset in portable build script * Plug warning on
GNU/kFreeBSD, GNU/Hurd * Document read -a resets the integer base * Fix
manpage: time is not a builtin but a reserved word * Make exit (and return) eat
-1 * parse ���$( (( ��� ) ��� ) ��� )��� correctly (LP#1532621), Jan Palus * reduce
memory footprint by free(3)ing more aggressively * fix buffer overrun
(LP#1533394), bugreport by izabera * correctly handle nested ADELIM parsing
(LP#1453827), Teckids * permit ���read -A/-a arr[idx]��� as long as only one
element is read; fix corruption of array indic��s with this construct
(LP#1533396), izabera * Sanitise OS-provided signal number in even more places
* As requested by J��rg, be clear manpage advice is for mksh * Revert (as it was
a regression) POSIX bugfix from R52/2005 related to accent gravis-style command
substitution until POSIX decides either way * Handle export et al. after
command (Austin#351) * Catch EPIPE in built-in cat and return as SIGPIPE
(LP#1532621) * Fix errno in print/echo builtin; optimise that and unbksl *
Update documentation, point out POSIX violation (Austin#1015)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300482 - mksh-52b is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300482
--------------------------------------------------------------------------------
================================================================================
moodle-2.9.4-1.fc23 (FEDORA-2016-1c10ab3c35)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Security update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1299363 - CVE-2016-0724 moodle: two enrolment-related web services don't
check course visibility [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1299363
[ 2 ] Bug #1299355 - CVE-2016-0725 moodle: XSS vulnerability in course management search
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1299355
--------------------------------------------------------------------------------
================================================================================
mozilla-requestpolicy-1.0-0.13.20160102gitc27c1f.fc23 (FEDORA-2016-76da9510c3)
Firefox and Seamonkey extension that gives you control over cross-site requests
--------------------------------------------------------------------------------
Update Information:
- Update to v1.0.beta11pre4
--------------------------------------------------------------------------------
================================================================================
ntp-4.2.6p5-36.fc23 (FEDORA-2016-8bb1932088)
The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2015-7974, CVE-2015-8138, CVE-2015-7977, CVE-2015-7978,
CVE-2015-7979, CVE-2015-8158
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297471 - CVE-2015-7974 ntp: missing key check allows impersonation between
authenticated peers (VU#357792)
https://bugzilla.redhat.com/show_bug.cgi?id=1297471
[ 2 ] Bug #1299442 - CVE-2015-8138 ntp: missing check for zero originate timestamp
https://bugzilla.redhat.com/show_bug.cgi?id=1299442
[ 3 ] Bug #1300269 - CVE-2015-7977 ntp: restriction list NULL pointer dereference
https://bugzilla.redhat.com/show_bug.cgi?id=1300269
[ 4 ] Bug #1300270 - CVE-2015-7978 ntp: stack exhaustion in recursive traversal of
restriction list
https://bugzilla.redhat.com/show_bug.cgi?id=1300270
[ 5 ] Bug #1300271 - CVE-2015-7979 ntp: off-path denial of service on authenticated
broadcast mode
https://bugzilla.redhat.com/show_bug.cgi?id=1300271
[ 6 ] Bug #1300273 - CVE-2015-8158 ntp: potential infinite loop in ntpq
https://bugzilla.redhat.com/show_bug.cgi?id=1300273
--------------------------------------------------------------------------------
================================================================================
nvme-cli-0.2-2.20160112gitbdbb4da.fc23 (FEDORA-2016-d174565d42)
NVMe management command line interface
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298019 - Review Request: nvme-cli - NVMe management command line interface
https://bugzilla.redhat.com/show_bug.cgi?id=1298019
--------------------------------------------------------------------------------
================================================================================
openscap-daemon-0.1.1-4.fc23 (FEDORA-2016-bd78dcde9f)
Manages continuous SCAP scans of your infrastructure
--------------------------------------------------------------------------------
Update Information:
Add dependency on python requests
--------------------------------------------------------------------------------
================================================================================
os-autoinst-4.3-4.fc23 (FEDORA-2016-d40570295b)
OS-level test automation
--------------------------------------------------------------------------------
Update Information:
This update adds the os-autoinst package. os-autoinst is part of the openQA
automated testing system used by Fedora QA; we are moving the packages from a
COPR to the official repositories.
--------------------------------------------------------------------------------
================================================================================
osbs-client-0.16-1.fc23 (FEDORA-2016-548a2ee909)
Python command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.16.
--------------------------------------------------------------------------------
================================================================================
perl-Module-CoreList-5.20160120-1.fc23 (FEDORA-2016-b996a8f7ee)
What modules are shipped with versions of perl
--------------------------------------------------------------------------------
Update Information:
This release brings data for perl 5.23.7.
--------------------------------------------------------------------------------
================================================================================
perl-Test-Run-CmdLine-0.0131-1.fc23 (FEDORA-2016-7eef79c754)
Run TAP tests from command line using the Test::Run module
--------------------------------------------------------------------------------
Update Information:
This release improves test portability.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300484 - perl-Test-Run-CmdLine-0.0131 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300484
--------------------------------------------------------------------------------
================================================================================
php-SymfonyCmfRouting-1.3.0-4.fc23 (FEDORA-2016-9f4e08bc59)
Extends the Symfony2 routing component for dynamic routes and chaining
--------------------------------------------------------------------------------
Update Information:
- `php-composer(*)` virtual provide dependencies instead of direct package names
- Dropped max version build dependencies - Increased Symfony min version from
2.2 to 2.3.31/2.7.3 for autoloaders - Added
"`php-{COMPOSER_VENDOR}-{COMPOSER_PROJECT}`"
("`php-symfony-cmf-routing`")
virtual provide - Suggest `php-composer(symfony/event-dispatcher)` instead of
require - Added autoloader
--------------------------------------------------------------------------------
================================================================================
php-interfasys-lognormalizer-1.0-1.fc23 (FEDORA-2016-70790f2076)
Parses variables and converts them to string
--------------------------------------------------------------------------------
Update Information:
Parses variables and converts them to string so that they can be logged. Based
on the Monolog formatter/normalizer. Autoloader:
/usr/share/php/InterfaSys/LogNormalizer/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298649 - Review Request: php-interfasys-lognormalizer - Parses variables and
converts them to string
https://bugzilla.redhat.com/show_bug.cgi?id=1298649
--------------------------------------------------------------------------------
================================================================================
php-league-flysystem-1.0.16-1.fc23 (FEDORA-2016-cab0ed021e)
Filesystem abstraction: Many filesystems, one API
--------------------------------------------------------------------------------
Update Information:
Flysystem is a filesystem abstraction which allows you to easily swap out a
local filesystem for a remote one. Autoloader:
/usr/share/php/League/Flysystem/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298475 - Review Request: php-league-flysystem - Filesystem abstraction: Many
filesystems, one API
https://bugzilla.redhat.com/show_bug.cgi?id=1298475
--------------------------------------------------------------------------------
================================================================================
php-mcnetic-zipstreamer-0.7-1.fc23 (FEDORA-2016-20a57d7c40)
Stream zip files without i/o overhead
--------------------------------------------------------------------------------
Update Information:
Simple Class to create zip files on the fly and stream directly to the HTTP
client as the content is added (without using temporary files). Autoloader:
/usr/share/php/ZipStreamer/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296901 - Review Request: php-mcnetic-zipstreamer - Stream zip files without
i/o overhead
https://bugzilla.redhat.com/show_bug.cgi?id=1296901
--------------------------------------------------------------------------------
================================================================================
php-mtdowling-jmespath-php-2.3.0-1.fc23 (FEDORA-2016-090c236b64)
Declaratively specify how to extract elements from a JSON document
--------------------------------------------------------------------------------
Update Information:
## 2.3.0 - 2016-01-05 * Added support for
[
JEP-9](https://github.com/jmespath/jmespath.site/blob/master/docs/proposals
/improved-filters.rst), including unary filter expressions, and `&&` filter
expressions. * Fixed various parsing issues, including not removing escaped
single quotes from raw string literals. * Added support for the `map`
function. * Fixed several issues with code generation.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1295982 - php-mtdowling-jmespath-php-2.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1295982
--------------------------------------------------------------------------------
================================================================================
php-nette-bootstrap-2.3.4-1.fc23 (FEDORA-2016-bb902eeee4)
Nette Bootstrap
--------------------------------------------------------------------------------
Update Information:
Loads Nette Framework and all libraries. Class Configurator creates so called
DI container and handles application initialization. To use this library, you
just have to add, in your project: require_once
'/usr/share/php/Nette/Bootstrap/autoload.php';
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1277476 - Review Request: php-nette-bootstrap - Nette Bootstrap
https://bugzilla.redhat.com/show_bug.cgi?id=1277476
--------------------------------------------------------------------------------
================================================================================
php-owncloud-tarstreamer-0.1-0.1.beta3.fc23 (FEDORA-2016-f4e180b95c)
Streaming dynamic tar files
--------------------------------------------------------------------------------
Update Information:
A library for dynamically streaming dynamic tar files without the need to have
the complete file stored on the server. Autoloader:
/usr/share/php/ownCloud/TarStreamer/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296939 - Review Request: php-owncloud-tarstreamer - Streaming dynamic tar
files
https://bugzilla.redhat.com/show_bug.cgi?id=1296939
--------------------------------------------------------------------------------
================================================================================
php-scssphp-0.4.0-1.fc23 (FEDORA-2016-73d6f60194)
A compiler for SCSS written in PHP
--------------------------------------------------------------------------------
Update Information:
### v0.4.0 #### Breaking Changes: - Parser: remove deprecated `show()` and
`to()` methods - Parser, Compiler: convert stdClass to Block, Node, and
OutputBlock abstractions - Compiler: 2nd argument passed to user registered
functions now receive kwargs instead of a Compiler instance #### Enhancements:
- New control directives: `@break`, `@continue`, and naked `@return` - New
operator: `<=>` (spaceship) operator #### Compatibility Fixes: - Compiler:
`index()` - coerce first argument to list - Compiler/Parser: fix `@media` nested
in mixin - Compiler: output literal string instead of division-by-zero exception
- Compiler: `str-slice()` - handle negative index - Compiler: pass kwargs to
built-ins and user registered functions ### v0.3.3 #### Enhancements: -
Compiler: add `getVariables()` and `addFeature()` API methods ####
Compatibility: - Compiler: can pass negative indices to `nth()` and `set-nth()`
- Compiler: can pass map as args to mixin expecting varargs - Compiler: add
coerceList(map) - Compiler: improve `@at-root` support - Nested formatter:
suppress empty blocks #### Internals: - Parser, Compiler: refactoring
sourceParser to sourceIndex to facilitate future caching of parse tree
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1274939 - php-scssphp-0.6.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1274939
--------------------------------------------------------------------------------
================================================================================
python-botocore-1.3.21-1.fc23 (FEDORA-2016-b18ef77ed0)
Low-level, data-driven core of boto 3
--------------------------------------------------------------------------------
Update Information:
Small update from upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297989 - awscli-1.9.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1297989
[ 2 ] Bug #1298925 - python-botocore-1.3.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298925
--------------------------------------------------------------------------------
================================================================================
python-inifile-0.3-2.fc23 (FEDORA-2016-843bee847e)
A small INI library for Python
--------------------------------------------------------------------------------
Update Information:
Library required for Lektor framework
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1299558 - Review Request: python-inifile - A small INI library for Python
https://bugzilla.redhat.com/show_bug.cgi?id=1299558
--------------------------------------------------------------------------------
================================================================================
python-polib-1.0.7-2.fc23 (FEDORA-2016-4f3305b01c)
A library to parse and manage gettext catalogs
--------------------------------------------------------------------------------
Update Information:
Upstream update to python-polib
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287273 - please update to polib 1.0.7
https://bugzilla.redhat.com/show_bug.cgi?id=1287273
--------------------------------------------------------------------------------
================================================================================
qbittorrent-3.3.3-1.fc23 (FEDORA-2016-662897927c)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
New version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1300126 - qbittorrent-3.3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1300126
--------------------------------------------------------------------------------
================================================================================
qemu-2.4.1-6.fc23 (FEDORA-2016-42778e8c82)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz #1295442) *
CVE-2015-8567: net: vmxnet3: host memory leakage (bz #1289818) * CVE-2016-1922:
i386: avoid null pointer dereference (bz #1292766) * CVE-2015-8613: buffer
overflow in megasas_ctrl_get_info (bz #1284008) * CVE-2015-8701: Buffer overflow
in tx_consume in rocker.c (bz #1293720) * CVE-2015-8743: ne2000: OOB memory
access in ioport r/w functions (bz #1294787) * CVE-2016-1568: Use-after-free
vulnerability in ahci (bz #1297023) * Fix modules.d/kvm.conf example syntax (bz
#1298823)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1284008 - CVE-2015-8613 Qemu: scsi: stack based buffer overflow in
megasas_ctrl_get_info
https://bugzilla.redhat.com/show_bug.cgi?id=1284008
[ 2 ] Bug #1270876 - CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a
crash via assert(2) call
https://bugzilla.redhat.com/show_bug.cgi?id=1270876
[ 3 ] Bug #1289816 - CVE-2015-8568 CVE-2015-8567 Qemu: net: vmxnet3: host memory
leakage
https://bugzilla.redhat.com/show_bug.cgi?id=1289816
[ 4 ] Bug #1283934 - CVE-2016-1922 Qemu: i386: null pointer dereference in
vapic_write()
https://bugzilla.redhat.com/show_bug.cgi?id=1283934
[ 5 ] Bug #1286971 - CVE-2015-8701 Qemu: net: rocker: stack buffer overflow(off-by-one)
in tx_consume routine
https://bugzilla.redhat.com/show_bug.cgi?id=1286971
[ 6 ] Bug #1264929 - CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w
functions
https://bugzilla.redhat.com/show_bug.cgi?id=1264929
[ 7 ] Bug #1288532 - CVE-2016-1568 Qemu: ide: ahci use-after-free vulnerability in aio
port commands
https://bugzilla.redhat.com/show_bug.cgi?id=1288532
--------------------------------------------------------------------------------
================================================================================
qtlockedfile-2.4-20.20150629git5a07df5.fc23 (FEDORA-2016-7d62b662e4)
QFile extension with advisory locking functions
--------------------------------------------------------------------------------
Update Information:
Rebuild
--------------------------------------------------------------------------------
================================================================================
qtsingleapplication-2.6.1-26.fc23 (FEDORA-2016-c51d667d48)
Qt library to start applications only once per user
--------------------------------------------------------------------------------
Update Information:
Rebuild
--------------------------------------------------------------------------------
================================================================================
s3cmd-1.6.1-1.fc23 (FEDORA-2016-efc2f7894f)
Tool for accessing Amazon Simple Storage Service
--------------------------------------------------------------------------------
Update Information:
upstream 1.6.1
--------------------------------------------------------------------------------
================================================================================
setroubleshoot-3.3.3-1.fc23 (FEDORA-2016-8f471924e8)
Helps troubleshoot SELinux problems
--------------------------------------------------------------------------------
Update Information:
Several fixes of issues related to the python 3 by default change. DBUS API was
exended to provide more functionality.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297111 - setroubleshoot-server cannot send email because of error: Exception
during AVC analysis: No module named 'email.MIMEText'
https://bugzilla.redhat.com/show_bug.cgi?id=1297111
--------------------------------------------------------------------------------
================================================================================
sssd-1.13.3-3.fc23 (FEDORA-2016-61146827f2)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1256849 - SUDO: Support the IPA schema
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256849 - SUDO: Support the IPA schema
https://bugzilla.redhat.com/show_bug.cgi?id=1256849
[ 2 ] Bug #850328 - Introduce new systemd-rpm macros in sssd spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850328
[ 3 ] Bug #1266940 - sssd-client.i686 on x86_64 has unowned directories
https://bugzilla.redhat.com/show_bug.cgi?id=1266940
--------------------------------------------------------------------------------
================================================================================
terminology-0.9.1-3.fc23 (FEDORA-2016-7a2e27c171)
EFL based terminal emulator
--------------------------------------------------------------------------------
Update Information:
Rebuild with efl-1.16.1
--------------------------------------------------------------------------------
================================================================================
tn5250-0.17.4-14.fc23 (FEDORA-2016-1d2f64c4ac)
5250 Telnet protocol and Terminal
--------------------------------------------------------------------------------
Update Information:
rebuilt without hardening to workaround a segfault
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1290742 - tn5250 Segmentation fault (core dumped)
https://bugzilla.redhat.com/show_bug.cgi?id=1290742
--------------------------------------------------------------------------------
================================================================================
transmission-2.84-10.fc23 (FEDORA-2016-7fb3ad6fe3)
A lightweight GTK+ BitTorrent client
--------------------------------------------------------------------------------
Update Information:
Update libnatpmp to support unbundling it from transmission. Patch transmission
gtk interface glitch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1288861 - Transmission interface glitch
https://bugzilla.redhat.com/show_bug.cgi?id=1288861
[ 2 ] Bug #1264292 - Unbundle libnatpmp
https://bugzilla.redhat.com/show_bug.cgi?id=1264292
[ 3 ] Bug #1229934 - libnatpmp-20150609 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1229934
--------------------------------------------------------------------------------
================================================================================
unbound-1.5.7-2.fc23 (FEDORA-2016-554095acdd)
Validating, recursive, and caching DNS(SEC) resolver
--------------------------------------------------------------------------------
Update Information:
One bug fixed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294339 - unbound-control-setup fails due to mistakenly escaping shell chars
https://bugzilla.redhat.com/show_bug.cgi?id=1294339
--------------------------------------------------------------------------------
================================================================================
webkitgtk4-2.10.5-1.fc23 (FEDORA-2016-7726a100eb)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update addresses the following vulnerabilities: - CVE-2015-7096 -
CVE-2015-7098 Additional fixes: - Disable DNS prefetch when a proxy is
configured. - Reduce the maximum simultaneous network connections to match
other browsers. - Make WebKitWebView always propagate motion-notify-event
signal. - Add a way to force accelerating compositing mode at runtime using an
environment variable. - Fix input elements and scrollbars rendering with GTK+
3.19. - Fix rendering of lines when using solid colors. - Fix UI process
crashes related to not having a main resource response when the load is
committed for pages restored from the history cache. - Fix a WebProcess crash
when loading large contents with custom URI schemes API. - Fix a crash in the
UI process when the WebView is destroyed while the screensaver DBus proxy is
being created. - Fix WebProcess crashes due to BadDrawable X errors in
accelerated compositing mode. - Fix crashes on PPC64 due to mprotect() on
address not aligned to the page size. - Fix std::bad_function_call exception
raised in dispatchDecidePolicyForNavigationAction. - Fix downloads of data
URLs. - Fix runtime critical warnings when closing a page containing windowed
plugins. - Fix several crashes and rendering issues. - Translation updates:
French, German, Italian, Turkish.
--------------------------------------------------------------------------------
================================================================================
xen-4.5.2-7.fc23 (FEDORA-2016-2c15b72b01)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
PV superpage functionality missing sanity checks [XSA-167, CVE-2016-1570] VMX:
intercept issue with INVLPG on non-canonical address [XSA-168, CVE-2016-1571]
Qemu: pci: null pointer dereference issue CVE-2015-7549 qemu: DoS by infinite
loop in ehci_advance_state CVE-2015-8558 qemu: Heap-based buffer overrun during
VM migration CVE-2015-8666 Qemu: net: vmxnet3: incorrect l2 header validation
leads to a crash via assert(2) call CVE-2015-8744 qemu: Support reading IMR
registers on bar0 CVE-2015-8745 Qemu: net: vmxnet3: host memory leakage
CVE-2015-8567 CVE-2015-8568 Qemu: net: ne2000: OOB memory access in ioport r/w
functions CVE-2015-8743
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1270871 - CVE-2015-8744 Qemu: net: vmxnet3: incorrect l2 header validation
leads to a crash via assert(2) call
https://bugzilla.redhat.com/show_bug.cgi?id=1270871
[ 2 ] Bug #1296539 - CVE-2016-1570 xen: PV superpage functionality missing sanity
checks
https://bugzilla.redhat.com/show_bug.cgi?id=1296539
[ 3 ] Bug #1296544 - CVE-2016-1571 xen: Intercept issue with INVLPG on non-canonical
address causing host to crash
https://bugzilla.redhat.com/show_bug.cgi?id=1296544
[ 4 ] Bug #1291137 - CVE-2015-7549 Qemu: pci: null pointer dereference issue
https://bugzilla.redhat.com/show_bug.cgi?id=1291137
[ 5 ] Bug #1277983 - CVE-2015-8558 Qemu: usb: infinite loop in ehci_advance_state
results in DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1277983
[ 6 ] Bug #1283722 - CVE-2015-8666 Qemu: acpi: heap based buffer overrun during VM
migration
https://bugzilla.redhat.com/show_bug.cgi?id=1283722
[ 7 ] Bug #1270876 - CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a
crash via assert(2) call
https://bugzilla.redhat.com/show_bug.cgi?id=1270876
[ 8 ] Bug #1289816 - CVE-2015-8568 CVE-2015-8567 Qemu: net: vmxnet3: host memory
leakage
https://bugzilla.redhat.com/show_bug.cgi?id=1289816
[ 9 ] Bug #1264929 - CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w
functions
https://bugzilla.redhat.com/show_bug.cgi?id=1264929
--------------------------------------------------------------------------------
================================================================================
z3-4.4.1-2.fc23 (FEDORA-2016-54d73989f6)
Satisfiability Modulo Theories (SMT) solver
--------------------------------------------------------------------------------
Update Information:
Add __init__.py to the python bindings so they can be used as a python module.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298429 - There is no __init__.py in python binding of z3 solver
https://bugzilla.redhat.com/show_bug.cgi?id=1298429
--------------------------------------------------------------------------------