The following Fedora 23 Security updates need testing:
Age URL
423
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
381
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
354
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
304
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
304
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
269
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
111
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d79ade826 flex-2.6.0-2.fc23
100
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c2ec9c716e redis-3.2.3-1.fc23
93
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c
libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
77
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3a6435b14
dhcpcd-6.11.3-1.fc23
42
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0
ca-certificates-2016.2.10-1.0.fc23
35
https://bodhi.fedoraproject.org/updates/FEDORA-2016-17ea599651
compat-guile18-1.8.8-14.fc23
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b89e991e63
nodejs-0.10.48-1.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-15d4c05a19
ghostscript-9.20-5.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-012de4c97e
chromium-54.0.2840.90-3.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-48614c8b69
sudo-1.8.18p1-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-605fd98c32
bind-9.10.4-2.P4.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2828a4793
firewalld-0.4.4.1-1.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e77c8c1f3b
python-cryptography-vectors-1.5.3-1.fc23 python-cryptography-1.5.3-3.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e39076950
bind99-9.9.9-4.P4.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f7d4df7b3
moodle-3.0.7-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a77985b7c7 moin-1.9.9-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e39b7c826b
firefox-50.0-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2edfd75312
zathura-pdf-mupdf-0.3.0-3.fc23 mujs-0-6.20161031gita0ceaf5.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ee3a114958
kernel-4.8.8-100.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
120
https://bodhi.fedoraproject.org/updates/FEDORA-2016-98a7a1b6e0 abrt-2.8.0-6.fc23
libreport-2.6.4-3.fc23
93
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6288f555c
libarchive-3.2.1-3.fc23 python-libarchive-c-2.5-1.fc23
54
https://bodhi.fedoraproject.org/updates/FEDORA-2016-79072fd70e
python-virtkey-0.63.0-1.fc23
47
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26923757a
koji-1.10.1-13.fc23
42
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1649cc31e0
ca-certificates-2016.2.10-1.0.fc23
27
https://bodhi.fedoraproject.org/updates/FEDORA-2016-79669f13cf
dmidecode-3.0-6.fc23
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-86a2119f42 nspr-4.13.1-1.fc23
17
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a0a575d718
libraw1394-2.1.2-1.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0906f64ec8 rpm-4.13.0-1.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6acb5c3dcb
ntfs-3g-2016.2.22-3.fc23
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3a79ea051
hwdata-0.294-1.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-272fa6b96e dracut-043-67.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3082a2ecdc
perl-5.22.2-355.fc23
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c33289a2c6
breeze-icon-theme-5.27.0-1.fc23 extra-cmake-modules-5.27.0-1.fc23 kf5-5.27.0-1.fc23
kf5-attica-5.27.0-1.fc23 kf5-baloo-5.27.0-1.fc23 kf5-bluez-qt-5.27.0-1.fc23
kf5-frameworkintegration-5.27.0-1.fc23 kf5-kactivities-5.27.0-1.fc23
kf5-kactivities-stats-5.27.0-1.fc23 kf5-kapidox-5.27.0-1.fc23 kf5-karchive-5.27.0-1.fc23
kf5-kauth-5.27.0-1.fc23 kf5-kbookmarks-5.27.0-1.fc23 kf5-kcmutils-5.27.0-1.fc23
kf5-kcodecs-5.27.0-1.fc23 kf5-kcompletion-5.27.0-1.fc23 kf5-kconfig-5.27.0-1.fc23
kf5-kconfigwidgets-5.27.0-1.fc23 kf5-kcoreaddons-5.27.0-1.fc23 kf5-kcrash-5.27.0-1.fc23
kf5-kdbusaddons-5.27.0-1.fc23 kf5-kdeclarative-5.27.0-1.fc23 kf5-kded-5.27.0-1.fc23
kf5-kdelibs4support-5.27.0-1.fc23 kf5-kdesignerplugin-5.27.0-1.fc23
kf5-kdesu-5.27.0-1.fc23 kf5-kdewebkit-5.27.0-1.fc23 kf5-kdnssd-5.27.0-1.fc23
kf5-kdoctools-5.27.0-1.fc23 kf5-kemoticons-5.27.0-1.fc23 kf5-kfilemetadata-5.27.0-1.fc23
kf5-kglobalaccel-5.27.0-1.fc23 kf5-kguiad
dons-5.27.0-1.fc23 kf5-khtml-5.27.0-1.fc23 kf5-ki18n-5.27.0-1.fc23
kf5-kiconthemes-5.27.0-1.fc23 kf5-kidletime-5.27.0-1.fc23 kf5-kimageformats-5.27.0-1.fc23
kf5-kinit-5.27.0-1.fc23 kf5-kio-5.27.0-1.fc23 kf5-kitemmodels-5.27.0-1.fc23
kf5-kitemviews-5.27.0-1.fc23 kf5-kjobwidgets-5.27.0-1.fc23 kf5-kjs-5.27.0-1.fc23
kf5-kjsembed-5.27.0-1.fc23 kf5-kmediaplayer-5.27.0-1.fc23 kf5-knewstuff-5.27.0-1.fc23
kf5-knotifications-5.27.0-1.fc23 kf5-knotifyconfig-5.27.0-1.fc23
kf5-kpackage-5.27.0-1.fc23 kf5-kparts-5.27.0-1.fc23 kf5-kpeople-5.27.0-1.fc23
kf5-kplotting-5.27.0-1.fc23 kf5-kpty-5.27.0-4.fc23 kf5-kross-5.27.0-1.fc23
kf5-krunner-5.27.0-1.fc23 kf5-kservice-5.27.0-1.fc23 kf5-ktexteditor-5.27.0-1.fc23
kf5-ktextwidgets-5.27.0-1.fc23 kf5-kunitconversion-5.27.0-1.fc23 kf5-kwallet-5.27.0-1.fc23
kf5-kwayland-5.27.0-1.fc23 kf5-kwidgetsaddons-5.27.0-1.fc23
kf5-kwindowsystem-5.27.0-1.fc23 kf5-kxmlgui-5.27.0-1.fc23 kf5-kxmlrpcclient-5.27.0-1.fc23
kf5-modemmanager-qt-5.27.0-1.fc23 kf5-networkmanager-qt
-5.27.0-1.fc23 kf5-plasma-5.27.0-1.fc23 kf5-solid-5.27.0-1.fc23 kf5-sonnet-5.27.0-1.fc23
kf5-threadweaver-5.27.0-1.fc23 oxygen-icon-theme-5.27.0-1.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-48614c8b69
sudo-1.8.18p1-1.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a43754667
lxsession-0.5.2-12.D20161106git7b9a9580da.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a308d12ef
libpng-1.6.26-1.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bead55ff97
libfm-1.2.4-9.D20161105gitc2989af015.fc23
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-be9d874c86
menu-cache-1.0.2-1.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c72c2c5531
dnsmasq-2.76-2.fc23
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-605fd98c32
bind-9.10.4-2.P4.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4122513640
libsndfile-1.0.27-1.fc23
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-62b8930463
pciutils-3.5.2-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e39b7c826b
firefox-50.0-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ee3a114958
kernel-4.8.8-100.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-03d76071b6
nss-3.27.0-1.3.fc23
The following builds have been pushed to Fedora 23 updates-testing
amanda-3.4-5.fc23
cmst-2016.11.14-1.git86259f6.fc23
cryptobone-1.1.0-2.fc23
flrig-1.3.27-1.fc23
kernel-4.8.8-100.fc23
mujs-0-6.20161031gita0ceaf5.fc23
nss-3.27.0-1.3.fc23
overpass-fonts-3.0-1.fc23
pcp-3.11.6-1.fc23
skylable-sx-2.3-1.fc23
vrq-1.0.127-1.fc23
xsensors-0.80-1.fc23
zathura-pdf-mupdf-0.3.0-3.fc23
Details about builds:
================================================================================
amanda-3.4-5.fc23 (FEDORA-2016-fab8484e81)
A network-capable tape backup solution
--------------------------------------------------------------------------------
Update Information:
Add BuildRequires dependency with dump and xfsdump packages ---- Optimization
of amount of installed depended packages ---- amanda-3.4 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1395445 - Can't backup or restore XFS filesystems
https://bugzilla.redhat.com/show_bug.cgi?id=1395445
[ 2 ] Bug #1386434 - amanda-3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1386434
--------------------------------------------------------------------------------
================================================================================
cmst-2016.11.14-1.git86259f6.fc23 (FEDORA-2016-ec56ec1103)
A Qt based GUI front end for the connman connection manager with systemtray icon
--------------------------------------------------------------------------------
Update Information:
Update to 2016.11.14-1.git86259f6
--------------------------------------------------------------------------------
================================================================================
cryptobone-1.1.0-2.fc23 (FEDORA-2016-99ca7af315)
Secure Communication Under Your Control
--------------------------------------------------------------------------------
Update Information:
This is a major update adding support for an external Crypto Bone device and a
full re-design of the GUI. Now, the full Crypto Bone functionality is in a
single package.
--------------------------------------------------------------------------------
================================================================================
flrig-1.3.27-1.fc23 (FEDORA-2016-636fd2a4c8)
Transceiver control program
--------------------------------------------------------------------------------
Update Information:
Nov 15 08:08 Version 1.3.27 * Maintenance release TS480SAT extras
* Added Noise blanker on/off, set/get value New controls * Added
following controls - AGC For these transceivers - IC-7200
- TS-480SAT Xmlrpcpp source director * update based on
fldigi/src/xmlrpcpp. - needed for correct build on OS X Xcode8 FT100D
* Correct vfo tracking problem IC9100 mode/bw * Corrected Mode selection
* Disabled BW selection TS990 TS590SG * Modification to read swr/alc
* Modification to initialize ATT restore keep rig data * add missing set
clear for menu items TT 550 Pegasus mods * enabled VFO adjust *
changed method of setting TUNE command * added AT11 support * added
power peak detect IC7300 serial defaults * Change to be same as 7200
defaults sans baudrate TS990 ALC/SWR * correct meter reading methods
fix XmlRpc tm_mday comparison typo * xmlrpcpp/XmlRpcValue.cpp: In function
���bool XmlRpc::tmEq(const tm&, const tm&)���:
xmlrpcpp/XmlRpcValue.cpp:159:52: warning: self-comparison always evaluates
to true [-Wtautological-compare] t1.tm_hour == t2.tm_hour &&
t1.tm_mday == t1.tm_mday &&
~~~~~~~~~~~^~~~~~~~~~~~~ mxe update * corrected mxe build scripts
IC756 volume range * Change range to 0..100 C11 errors * changes to
correct C11 reported warnings/errors
--------------------------------------------------------------------------------
================================================================================
kernel-4.8.8-100.fc23 (FEDORA-2016-ee3a114958)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.8.8 stable kernel update contains a number of important fixes across the
tree. ---- The 4.8.7 kernel rebase contains new hardware support, additional
features, and a number of important bug fixes across the tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1393904 - CVE-2016-8645 kernel: a BUG() statement can be hit in
net/ipv4/tcp_input.c
https://bugzilla.redhat.com/show_bug.cgi?id=1393904
[ 2 ] Bug #1393350 - CVE-2016-8630 kernel: kvm: x86: NULL pointer dereference during
instruction decode
https://bugzilla.redhat.com/show_bug.cgi?id=1393350
[ 3 ] Bug #1389259 - CVE-2016-9084 kernel: Integer overflow when using kzalloc in vfio
driver
https://bugzilla.redhat.com/show_bug.cgi?id=1389259
[ 4 ] Bug #1389258 - CVE-2016-9083 kernel: State machine confusion bug in vfio driver
leading to memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=1389258
--------------------------------------------------------------------------------
================================================================================
mujs-0-6.20161031gita0ceaf5.fc23 (FEDORA-2016-2edfd75312)
An embeddable Javascript interpreter
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,
CVE-2016-9108, CVE-2016-9109, CVE-2016-9294
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1394714 - CVE-2016-9294 mujs: DoS by using the malformed labeled
break/continue in JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=1394714
[ 2 ] Bug #1390266 - CVE-2016-7504 CVE-2016-7505 CVE-2016-7506 CVE-2016-9017
CVE-2016-9108 CVE-2016-9109 mujs: Multiple security issues
https://bugzilla.redhat.com/show_bug.cgi?id=1390266
--------------------------------------------------------------------------------
================================================================================
nss-3.27.0-1.3.fc23 (FEDORA-2016-03d76071b6)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Backport upstream patch for RSA-PSS detection
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1383809 - NSS upgrade breaks openldap
https://bugzilla.redhat.com/show_bug.cgi?id=1383809
--------------------------------------------------------------------------------
================================================================================
overpass-fonts-3.0-1.fc23 (FEDORA-2016-3479f79a39)
Typeface based on the U.S. interstate highway road signage type system
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0. Add overpass-mono-fonts subpackage (for monospace family
variant).
--------------------------------------------------------------------------------
================================================================================
pcp-3.11.6-1.fc23 (FEDORA-2016-15f10c1698)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Numerous bugfixes and enhancements, see CHANGELOG for details
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1275293 - Suboptimal client initialization with -L
https://bugzilla.redhat.com/show_bug.cgi?id=1275293
[ 2 ] Bug #1336208 - pminfo help text claims derived metrics are unknown or illegal
https://bugzilla.redhat.com/show_bug.cgi?id=1336208
[ 3 ] Bug #1377464 - "pmrep proc" takes too long
https://bugzilla.redhat.com/show_bug.cgi?id=1377464
[ 4 ] Bug #1379431 - PCP network.interface.speed values are inaccurate
https://bugzilla.redhat.com/show_bug.cgi?id=1379431
--------------------------------------------------------------------------------
================================================================================
skylable-sx-2.3-1.fc23 (FEDORA-2016-9a07948f93)
A reliable and scalable storage cluster
--------------------------------------------------------------------------------
Update Information:
Skylable SX 2.3 provides improved resilience and performance and fixes several
minor issues in the process. In details: * Major rework of the garbage
collector so it doesn't impair regular operations * Improved fairness of
several background jobs * Allow recovery from failed volume replica change
attempts * Allow displacing SX internal database files to different paths and
media * Enable LFU caching in SXFS
--------------------------------------------------------------------------------
================================================================================
vrq-1.0.127-1.fc23 (FEDORA-2016-236f35547e)
Verilog tool framework with plugins for manipulating source code
--------------------------------------------------------------------------------
Update Information:
- Rebuilt for new upstream version 1.0.127, fixes rhbz #1394480 ---- -
Rebuilt for new upstream version 1.0.126, fixes rhbz #1387643
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1394480 - vrq-1.0.127 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1394480
[ 2 ] Bug #1387643 - vrq-1.0.126 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1387643
--------------------------------------------------------------------------------
================================================================================
xsensors-0.80-1.fc23 (FEDORA-2016-99a76ca70c)
An X11 interface to lm_sensors
--------------------------------------------------------------------------------
Update Information:
Update to 0.80 GUI and various improvements. Minor bugfixes.
--------------------------------------------------------------------------------
================================================================================
zathura-pdf-mupdf-0.3.0-3.fc23 (FEDORA-2016-2edfd75312)
PDF support for zathura via mupdf
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,
CVE-2016-9108, CVE-2016-9109, CVE-2016-9294
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1394714 - CVE-2016-9294 mujs: DoS by using the malformed labeled
break/continue in JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=1394714
[ 2 ] Bug #1390266 - CVE-2016-7504 CVE-2016-7505 CVE-2016-7506 CVE-2016-9017
CVE-2016-9108 CVE-2016-9109 mujs: Multiple security issues
https://bugzilla.redhat.com/show_bug.cgi?id=1390266
--------------------------------------------------------------------------------