The following Fedora 23 Security updates need testing:
Age URL
218
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23
176
https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe
miniupnpc-1.9-6.fc23
149
https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324
jbig2dec-0.12-2.fc23
99
https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1
python-pymongo-3.0.3-1.fc23
99
https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8
thttpd-2.25b-37.fc23
88
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
64
https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4
mingw-nsis-2.50-1.fc23
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-de909cc333
xstream-1.4.9-1.fc23
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7
optipng-0.7.6-1.fc23
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dffdc981ff
squid-3.5.10-2.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcfe4c73b0
i7z-0.27.2-16.20150629gitec09c4f.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-35d7b09908 xen-4.5.3-2.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cd3cf8e7d0
ansible-2.0.2.0-1.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8a1f49149e
kernel-4.4.8-300.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-69eb7f9fb2
roundcubemail-1.1.5-1.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7c48036d73
community-mysql-5.6.30-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a8e2be0fe6
cacti-0.8.8g-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c3d9a9c0c4
rpm-4.13.0-0.rc1.13.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age URL
88
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554
xulrunner-44.0-1.fc23
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-edd725cafb
pungi-4.0.14-3.fc23
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-88778482ea lorax-23.21-1.fc23
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dbbc0a5d2
lldpad-1.0.1-4.git036e314.fc23
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8a1f49149e
kernel-4.4.8-300.fc23
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5587c0678e
phonon-backend-gstreamer-4.9.0-1.fc23 phonon-4.9.0-1.fc23
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c3d9a9c0c4
rpm-4.13.0-0.rc1.13.fc23
The following builds have been pushed to Fedora 23 updates-testing
Lmod-6.3.1-1.fc23
cacti-0.8.8g-1.fc23
cryptobone-1.0.2-3.fc23
engauge-digitizer-7.2-1.fc23
epson-inkjet-printer-escpr-1.5.2-3.1lsb3.2.fc23
epson-inkjet-printer-escpr-1.6.5-1.1lsb3.2.fc23
gnome-pkg-tools-0.19.7-1.fc23
goaccess-0.9.8-1.fc23
golang-github-go-ini-ini-1.9.0-0.1.git193d1ec.fc23
hplip-3.16.3-1.fc23
infinipath-psm-3.3-22_g4abbc60_open.2.fc23
koji-containerbuild-0.6.1-1.1.fc23
less-481-5.fc23
liquibase-3.5.0-1.fc23
osbs-client-0.22-1.fc23
pag-0.5-1.fc23
perl-File-Remove-1.57-1.fc23
perl-Inline-C-0.76-3.fc23
perl-Test-TCP-2.16-1.fc23
perl-Text-Haml-0.990117-1.fc23
perl-Tree-Simple-1.27-2.fc23
python-pyrtlsdr-0.2.2-3.fc23.1
python-sphinxcontrib-pecanwsme-0.8.0-2.fc23
python-spur-0.3.16-1.fc23
qtpass-1.1.1-2.fc23
rpm-4.13.0-0.rc1.13.fc23
usbip-4.5-1.fc23
Details about builds:
================================================================================
Lmod-6.3.1-1.fc23 (FEDORA-2016-8ce6149e81)
Environmental Modules System in Lua
--------------------------------------------------------------------------------
Update Information:
Update to 6.3.1 - protects it from user changes to LUA_PATH and LUA_CPATH by
using these values at configuration time. - Fixed bug with Capital Letters in a
version string. - Do not overwrite MODULEPATH (bug #1326075)
--------------------------------------------------------------------------------
================================================================================
cacti-0.8.8g-1.fc23 (FEDORA-2016-a8e2be0fe6)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 0.8.8g Release notes:
http://www.cacti.net/release_notes_0_8_8g.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310634 - cacti-0.8.8g is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310634
[ 2 ] Bug #1230296 - CVE-2015-4342 cacti: SQL Injection and Location header injection
from cdef id [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1230296
[ 3 ] Bug #1233832 - CVE-2015-4454 CVE-2015-2665 cacti: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1233832
--------------------------------------------------------------------------------
================================================================================
cryptobone-1.0.2-3.fc23 (FEDORA-2016-00a6ca7053)
Secure Communication Under Your Control
--------------------------------------------------------------------------------
Update Information:
####This is the first build for f23 for the recently approved package
"cryptobone". The Crypto Bone is a secure messaging system that makes sure a
user's email is always encrypted without burdening the user with the message key
management. Based on a GUI and a separate daemon, both ease-of-use and security
are assured by a novel approach to encryption key management. This update also
fixes bug #1329695 and provides a source code change that affects the message
numbering.
--------------------------------------------------------------------------------
================================================================================
engauge-digitizer-7.2-1.fc23 (FEDORA-2016-06ac00c30e)
Convert graphs or map files into numbers
--------------------------------------------------------------------------------
Update Information:
- Update to 7.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1279184 - engauge on el6: not built for missing BR package, log4cpp.
https://bugzilla.redhat.com/show_bug.cgi?id=1279184
--------------------------------------------------------------------------------
================================================================================
epson-inkjet-printer-escpr-1.5.2-3.1lsb3.2.fc23 (FEDORA-2016-a38cf3d609)
Drivers for Epson inkjet printers
--------------------------------------------------------------------------------
Update Information:
Roll back to earlier version due to segfaults in the 1.6.x series.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327002 - Printer prints only half of the page, epson-escpr crashes
https://bugzilla.redhat.com/show_bug.cgi?id=1327002
[ 2 ] Bug #1326572 - [abrt] epson-inkjet-printer-escpr: XFIFOClose(): epson-escpr killed
by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1326572
[ 3 ] Bug #1252376 - [abrt] epson-inkjet-printer-escpr: set_pips_parameter():
epson-escpr killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1252376
--------------------------------------------------------------------------------
================================================================================
epson-inkjet-printer-escpr-1.6.5-1.1lsb3.2.fc23 (FEDORA-2016-0df37a8961)
Drivers for Epson inkjet printers
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327002 - Printer prints only half of the page, epson-escpr crashes
https://bugzilla.redhat.com/show_bug.cgi?id=1327002
[ 2 ] Bug #1326572 - [abrt] epson-inkjet-printer-escpr: XFIFOClose(): epson-escpr killed
by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1326572
[ 3 ] Bug #1252376 - [abrt] epson-inkjet-printer-escpr: set_pips_parameter():
epson-escpr killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1252376
--------------------------------------------------------------------------------
================================================================================
gnome-pkg-tools-0.19.7-1.fc23 (FEDORA-2016-8668bb72e3)
Tools for the Debian GNOME Packaging Team
--------------------------------------------------------------------------------
Update Information:
Update to version 0.19.7, see
http://metadata.ftp-
master.debian.org/changelogs//main/g/gnome-pkg-tools/gnome-pkg-
tools_0.19.7_changelog for details.
--------------------------------------------------------------------------------
================================================================================
goaccess-0.9.8-1.fc23 (FEDORA-2016-5aa15d5fed)
Real-time web log analyzer and interactive viewer
--------------------------------------------------------------------------------
Update Information:
== Changes to GoAccess 0.9.8 - Monday, February 29, 2016 == - Added a more
complete list of static extensions to the config file. - Added Android 6.0
Marshmallow to the list of OSs. - Added the ability to scroll through panels
on TAB with option to disable it --no-tab-scroll. - Added the first and
last log dates to the overall statistics panel. - Ensure GoAccess links
correctly against libtinfo. - Ensure static content is case-insensitive
verified. - Fixed bandwidth overflow issue (numbers > 2GB on non-x86_64 arch).
- Fixed broken HTML layout when html-method/protocol is missing in config file.
- Refactored parsing and display of available modules/panels. == Changes to
GoAccess 0.9.7 - Monday, December 21, 2015 == - Added Squid native log format
to the config file. - Fixed int overflow when getting total bandwidth using
the on-disk storage. - Fixed issue where a timestamp was stored as date under
the visitors panel. - Fixed issue where config dialog fields were not cleared
out on select. - Fixed issue where "Virtual Hosts" menu item wasn't shown
in
the HTML sidebar.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1293320 - goaccess-0.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1293320
--------------------------------------------------------------------------------
================================================================================
golang-github-go-ini-ini-1.9.0-0.1.git193d1ec.fc23 (FEDORA-2016-38f800bb15)
Package ini provides INI file read and write functionality in Go
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327497 - Review Request: golang-github-go-ini-ini - Package ini provides INI
file read and write functionality in Go
https://bugzilla.redhat.com/show_bug.cgi?id=1327497
--------------------------------------------------------------------------------
================================================================================
hplip-3.16.3-1.fc23 (FEDORA-2016-c94112fcfe)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
Upstream bug-fix release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1330148 - Please upgrade hplip to next bugfix release
https://bugzilla.redhat.com/show_bug.cgi?id=1330148
--------------------------------------------------------------------------------
================================================================================
infinipath-psm-3.3-22_g4abbc60_open.2.fc23 (FEDORA-2016-4837354e9a)
Intel Performance Scaled Messaging (PSM) Libraries
--------------------------------------------------------------------------------
Update Information:
The PSM Messaging API, or PSM API, is Intel's low-level user-level
communications interface for the True Scale family of products. PSM users are
enabled with mechanisms necessary to implement higher level communications
interfaces in parallel environments.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328390 - Review Request: infinipath-psm - Intel Performance Scaled Messaging
(PSM) Libraries
https://bugzilla.redhat.com/show_bug.cgi?id=1328390
--------------------------------------------------------------------------------
================================================================================
koji-containerbuild-0.6.1-1.1.fc23 (FEDORA-2016-a59acc09f6)
Koji support for building layered container images
--------------------------------------------------------------------------------
Update Information:
Add patch to workaround [pycurl/nss
issue](https://bugzilla.redhat.com/show_bug.cgi?id=1243736).
--------------------------------------------------------------------------------
================================================================================
less-481-5.fc23 (FEDORA-2016-ff70f6b6a3)
A text file browser similar to more, but better
--------------------------------------------------------------------------------
Update Information:
Fixes for lesspipe.sh script, runtime package deps and $LESSOPEN variable.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1254837 - typo in /etc/profile.d/less.sh
https://bugzilla.redhat.com/show_bug.cgi?id=1254837
[ 2 ] Bug #1321591 - less.sh: Avoid unnecessary stat call
https://bugzilla.redhat.com/show_bug.cgi?id=1321591
[ 3 ] Bug #1278857 - less Requires: man-db - WHY?
https://bugzilla.redhat.com/show_bug.cgi?id=1278857
--------------------------------------------------------------------------------
================================================================================
liquibase-3.5.0-1.fc23 (FEDORA-2016-62603f8531)
Database Refactoring Tool
--------------------------------------------------------------------------------
Update Information:
The newest release of Liquibase features * Multi-schema snapshot and diff
improvements * OSGi support in liquibase-core * Formatted SQL changelog
improvements * New runOrder=���first|last��� attribute on changeSet to override
where in the changelog it is ran * Improved SQL Parsing
--------------------------------------------------------------------------------
================================================================================
osbs-client-0.22-1.fc23 (FEDORA-2016-3d19cde3af)
Python command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1329027 - osbs-client-0.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1329027
--------------------------------------------------------------------------------
================================================================================
pag-0.5-1.fc23 (FEDORA-2016-be521eb4df)
Commandline interaction with pagure.io
--------------------------------------------------------------------------------
Update Information:
New 'pull-request' sub command.
--------------------------------------------------------------------------------
================================================================================
perl-File-Remove-1.57-1.fc23 (FEDORA-2016-531661efc2)
Convenience module for removing files and directories
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
perl-Inline-C-0.76-3.fc23 (FEDORA-2016-5405dd3f81)
Write Perl subroutines in C
--------------------------------------------------------------------------------
Update Information:
This release corrects release number to allow smooth upgrade from Fedora 22.
---- This release adds missing dependencies required for the Inline::C to work.
--------------------------------------------------------------------------------
================================================================================
perl-Test-TCP-2.16-1.fc23 (FEDORA-2016-3b71b38215)
Testing TCP program
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
perl-Text-Haml-0.990117-1.fc23 (FEDORA-2016-0cb7ae8db9)
Haml Perl implementation
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
perl-Tree-Simple-1.27-2.fc23 (FEDORA-2016-d50c4acf37)
Tree::Simple Perl module
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
python-pyrtlsdr-0.2.2-3.fc23.1 (FEDORA-2016-6563b469ce)
Python binding for librtlsdr
--------------------------------------------------------------------------------
Update Information:
This is new package - python-pyrtlsdr.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327078 - Review Request: python-pyrtlsdr - Python binding for librtlsdr
https://bugzilla.redhat.com/show_bug.cgi?id=1327078
--------------------------------------------------------------------------------
================================================================================
python-sphinxcontrib-pecanwsme-0.8.0-2.fc23 (FEDORA-2016-8e0134b677)
Extension to Sphinx for documenting APIs built with Pecan and WSME
--------------------------------------------------------------------------------
Update Information:
New package python-sphinxcontrib-pecanwsme
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1283327 - Review Request: python-sphinxcontrib-pecanwsme - Extension to
Sphinx for documenting APIs built with Pecan and WSME
https://bugzilla.redhat.com/show_bug.cgi?id=1283327
--------------------------------------------------------------------------------
================================================================================
python-spur-0.3.16-1.fc23 (FEDORA-2016-217aeb2249)
Run commands locally or over SSH using the same interface
--------------------------------------------------------------------------------
Update Information:
Run commands and manipulate files locally or over SSH using the same interface.
--------------------------------------------------------------------------------
================================================================================
qtpass-1.1.1-2.fc23 (FEDORA-2016-98dadcd224)
Cross-platform GUI for pass
--------------------------------------------------------------------------------
Update Information:
Initial package release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1323334 - Review Request: qtpass - Multi-platform GUI for pass
https://bugzilla.redhat.com/show_bug.cgi?id=1323334
--------------------------------------------------------------------------------
================================================================================
rpm-4.13.0-0.rc1.13.fc23 (FEDORA-2016-c3d9a9c0c4)
The RPM package management system
--------------------------------------------------------------------------------
Update Information:
* Fix sigsegv in stringFormat() (rhbz:1316903) * Fix reading rpmtd behind its
size in formatValue() (rhbz:1316896)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316903 - rpm: Null pointer dereference in rstrdup
https://bugzilla.redhat.com/show_bug.cgi?id=1316903
[ 2 ] Bug #1316896 - rpm: Out-of-bounds heap read triggered by crafted RPM file
https://bugzilla.redhat.com/show_bug.cgi?id=1316896
--------------------------------------------------------------------------------
================================================================================
usbip-4.5-1.fc23 (FEDORA-2016-676eea2a61)
USB/IP user-space
--------------------------------------------------------------------------------
Update Information:
Install required kernel modules automatically
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1329313 - Usbip kernel modules
https://bugzilla.redhat.com/show_bug.cgi?id=1329313
--------------------------------------------------------------------------------