The following Fedora 23 Security updates need testing:
Age  URL  Package(s)
283  https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240  nagios-4.0.8-1.fc23
240  https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe  miniupnpc-1.9-6.fc23
213  https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324  jbig2dec-0.12-2.fc23
164  https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1  python-pymongo-3.0.3-1.fc23
163  https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8  thttpd-2.25b-37.fc23
129  https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4  mingw-nsis-2.50-1.fc23
 48  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3b9407940  squid-3.5.10-4.fc23
 26  https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e0874533  ntp-4.2.6p5-41.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-e538b11379  python-django-horizon-2015.1.4-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5e392ef01  wordpress-4.5.3-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-21bd6a33af  struts-1.3.10-18.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b68f69b086  setroubleshoot-plugins-3.3.5.1-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-73853a7a16  qemu-2.4.1-11.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-34a6b65583  php-5.6.23-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f3c77ef90  php-pecl-zip-1.13.3-1.fc23
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-9df3915036  phpMyAdmin-4.6.3-1.fc23
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b966047e1  krb5-1.14.1-7.fc23
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3093027736  mediawiki-1.26.3-1.fc23
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcccb0a547  nodejs-0.10.46-1.fc23
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2016-16e8d38f57  gsi-openssh-7.1p2-2.fc23
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ef784cf9f7  python3-3.4.3-9.fc23
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d126bb1b74  gd-2.1.1-8.fc23
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a733f4d9  kernel-4.5.7-202.fc23
The following Fedora 23 Critical Path updates have yet to be approved:
Age  URL  Package(s)
 24  https://bodhi.fedoraproject.org/updates/FEDORA-2016-28873e4832  vim-7.4.1868-1.fc23
 24  https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad11727bf  PackageKit-1.1.1-2.fc23 appstream-data-23-11.fc23 fwupd-0.7.1-1.fc23 gnome-software-3.20.3-1.fc23.1 json-glib-1.2.0-1.fc23 libappstream-glib-0.5.14-1.fc23 libgusb-0.2.9-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-f637b89dda  samba-4.3.10-1.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c9c2badcb  selinux-policy-3.13.1-158.20.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9bc854cca  texinfo-6.0-3.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-001588074b  libfm-1.2.4-4.D20160618gitb22c0995e7.fc23
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-06b36c0134  lxsession-0.5.2-10.D20160417git9f8d613332.fc23
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b966047e1  krb5-1.14.1-7.fc23
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2016-abff7c6423  kde-settings-23-12.fc23
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-99671098b1  qt-4.8.7-18.fc23
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4b66e3011c  lxpanel-0.8.2-2.fc23
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a733f4d9  kernel-4.5.7-202.fc23
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-20e8af4a21  audit-2.6.1-1.fc23
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d126bb1b74  gd-2.1.1-8.fc23
The following builds have been pushed to Fedora 23 updates-testing
atomic-1.10.5-2.gitce09e40.fc23
audit-2.6.1-1.fc23
bzflag-2.4.6-2.fc23
cdbs-0.4.142-1.fc23
fedfind-2.4.10-1.fc23
fedpkg-1.24-2.fc23
firewalld-0.4.3.1-1.fc23
gd-2.1.1-8.fc23
gpaste-3.18.5-1.fc23
kernel-4.5.7-202.fc23
kubernetes-ansible-0.6.0-0.1.gitd65ebd5.fc23
libabigail-1.0-0.8.rc5.2.fc23
libopenraw-0.0.9-18.fc23
numatop-1.0.4-1.fc23
orthanc-1.1.0-1.fc23
pbuilder-0.225.1-1.fc23
py3status-3.0-1.fc23
pyobd-0.9.3-3.fc23
python-flower-0.8.4-1.fc23
python-maxminddb-1.2.1-1.fc23
python-stuf-0.9.16-7.fc23
rpkg-1.45-2.fc23
torrent-file-editor-0.3.0-1.fc23
yamllint-1.3.2-1.fc23
Details about builds:
================================================================================
atomic-1.10.5-2.gitce09e40.fc23 (FEDORA-2016-a28b2b05ec)
Tool for managing ProjectAtomic systems and containers
--------------------------------------------------------------------------------
Update Information:
build atomic 1.10.5
--------------------------------------------------------------------------------
================================================================================
audit-2.6.1-1.fc23 (FEDORA-2016-20e8af4a21)
User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:
A bug was found that is causing audisp-plugins to get malformed events. Auditd
will now correct directory permissions for logging on startup. There is also now
audit-stop.rules that can be enabled in auditd.service to clean up when auditd is
stopped.
----
This update to the audit system adds a new enriched data format.
This will help in reporting when multiple systems' audit logs are aggregated on
a central server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1334850 - audit.rules is readable by all
https://bugzilla.redhat.com/show_bug.cgi?id=1334850
[ 2 ] Bug #1334772 - ausearch results depend on order of parameters
https://bugzilla.redhat.com/show_bug.cgi?id=1334772
[ 3 ] Bug #1344268 - autrace destroys all audit rules, despite what manpage says
https://bugzilla.redhat.com/show_bug.cgi?id=1344268
--------------------------------------------------------------------------------
================================================================================
bzflag-2.4.6-2.fc23 (FEDORA-2016-4aa57e8b8a)
3D multi-player tank battle game
--------------------------------------------------------------------------------
Update Information:
Add unit file. ---- 2.4.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #198929 - RFE: BZflag needs an init.d script
https://bugzilla.redhat.com/show_bug.cgi?id=198929
--------------------------------------------------------------------------------
================================================================================
cdbs-0.4.142-1.fc23 (FEDORA-2016-fdf7dbe557)
Common build system for Debian packages
--------------------------------------------------------------------------------
Update Information:
Update to version 0.4.142, see
http://metadata.ftp-master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.142_changelog
for details.
--------------------------------------------------------------------------------
================================================================================
fedfind-2.4.10-1.fc23 (FEDORA-2016-4696f12c13)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update mainly updates fedfind to handle the new Pungi 4 two-week Atomic
composes (release engineering is now building these, which are nightly composes
of Cloud and Atomic images for the current stable release, with Pungi 4, whereas
before they were built with the old compose process). The new `AtomicNightly`
subclass of `fedfind.release.Release` is added to handle these, and will be
returned when appropriate by `fedfind.release.get_release`. This update also
stops fedfind using the `Pungi4Mirror` class which is intended to be used for
milestone releases that have been synced to the public mirror system; at
present, these composes are actually split in two and different outputs mirrored
to two different locations, and the productmd metadata is stripped from both
locations (as it no longer accurately reflects the contents to be found in
each), so fedfind cannot treat them as Pungi 4 composes as the metadata is
unavailable. Instead we simply use the old `MirrorRelease` subclasses, so the
contents are discovered by scraping and the metadata synthesized. Note that
fedfind does not and in fact never has supported finding the contents that are
split out and placed in the `alt/releases/` tree, as I was not aware of the fact
that composes were split in this way and never designed fedfind to take account
of it.
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.24-2.fc23 (FEDORA-2016-3540ed2e2b)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
This new release contains several enhancements and bug fixes and is more
compatible with Python 3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #829012 - fedpkg command completion
https://bugzilla.redhat.com/show_bug.cgi?id=829012
[ 2 ] Bug #1286374 - fedpkg commands fail when under non-ASCII path
https://bugzilla.redhat.com/show_bug.cgi?id=1286374
--------------------------------------------------------------------------------
================================================================================
firewalld-0.4.3.1-1.fc23 (FEDORA-2016-cb05cdfa23)
A firewall daemon with D-Bus interface providing a dynamic firewall
--------------------------------------------------------------------------------
Update Information:
Update to firewalld release 0.4.3.1

Main changes:
* New transaction model for speed ups
* Enhanced handling of connections and interfaces
* Usability enhancements for firewall-config
* Enhanced runtime to permanent migration
* ICMP block inversion support
* Source ports in zones, services and rich rules
* Rich rules with destination only
* Create backup on removal of zones, services, ipsets and icmptypes
* Add and remove several ipset entries with firewall-config
* Additional information zone handling with NetworkManager and ifcfg files
* Sequence options in all command line utilities
* New firewallctl command line utility
* Updated and new services
* Test suite enhancements
* Fixes issue with running programs using Python3
* Splits up source and destination address lists for transaction

There are also several other bug fixes or enhancements and code
optimizations.
--------------------------------------------------------------------------------
================================================================================
gd-2.1.1-8.fc23 (FEDORA-2016-d126bb1b74)
A graphics library for quick creation of PNG or JPEG images
--------------------------------------------------------------------------------
Update Information:
* fix for stack overflow with gdImageFillToBorder (CVE-2015-8874)
* fix integer overflow in _gd2GetHeader() (CVE-2016-5766)
--------------------------------------------------------------------------------
================================================================================
gpaste-3.18.5-1.fc23 (FEDORA-2016-da8279bc9f)
Clipboard management system
--------------------------------------------------------------------------------
Update Information:
* fix some extensive CPU usage in some cases
----
* fix crash when a search goes wrong
* fix hanging issue due to gtk+ race (?) in gtk_clipboard_store
* fix the gnome-shell menu sometimes displaying twice
* add debug logs to the core library
--------------------------------------------------------------------------------
================================================================================
kernel-4.5.7-202.fc23 (FEDORA-2016-73a733f4d9)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.5.7-202 kernel update contains a number of important security fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1344721 - CVE-2016-1583 kernel: Stack overflow via ecryptfs and
/proc/$pid/environ
https://bugzilla.redhat.com/show_bug.cgi?id=1344721
[ 2 ] Bug #1341716 - CVE-2016-4470 kernel: Uninitialized variable in request_key
handling causes kernel crash in error handling path
https://bugzilla.redhat.com/show_bug.cgi?id=1341716
[ 3 ] Bug #1349886 - CVE-2016-4998 kernel: out of bounds reads when processing
IPT_SO_SET_REPLACE setsockopt
https://bugzilla.redhat.com/show_bug.cgi?id=1349886
[ 4 ] Bug #1350509 - CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver
https://bugzilla.redhat.com/show_bug.cgi?id=1350509
[ 5 ] Bug #1350811 - CVE-2016-5728 kernel: Race condition vulnerability in VOP driver
https://bugzilla.redhat.com/show_bug.cgi?id=1350811
[ 6 ] Bug #1350845 - CVE-2016-1237 kernel: Missing check for permissions when setting
ACL
https://bugzilla.redhat.com/show_bug.cgi?id=1350845
--------------------------------------------------------------------------------
================================================================================
kubernetes-ansible-0.6.0-0.1.gitd65ebd5.fc23 (FEDORA-2016-d495ee2544)
Playbook and set of roles for setting up a Kubernetes cluster onto machines
--------------------------------------------------------------------------------
Update Information:
Package kubernetes/contrib/ansible
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1341310 - Review Request: kubernetes-ansible - Playbook and set of roles for
seting up a Kubernetes cluster onto machines
https://bugzilla.redhat.com/show_bug.cgi?id=1341310
--------------------------------------------------------------------------------
================================================================================
libabigail-1.0-0.8.rc5.2.fc23 (FEDORA-2016-605c4d3cc0)
Set of ABI analysis tools
--------------------------------------------------------------------------------
Update Information:
Add README file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331348 - README file is not packaged
https://bugzilla.redhat.com/show_bug.cgi?id=1331348
--------------------------------------------------------------------------------
================================================================================
libopenraw-0.0.9-18.fc23 (FEDORA-2016-3cb527ae3d)
Decode camera RAW files
--------------------------------------------------------------------------------
Update Information:
Fix crash in GdkPixbuf loader
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1279152 - libopenraw-pixbuf-loader causes SEGV in nautilus
https://bugzilla.redhat.com/show_bug.cgi?id=1279152
--------------------------------------------------------------------------------
================================================================================
numatop-1.0.4-1.fc23 (FEDORA-2016-151ce458bd)
Memory access locality characterization and analysis
--------------------------------------------------------------------------------
Update Information:
Minor update that adds support for BDW-EP/EX.
--------------------------------------------------------------------------------
================================================================================
orthanc-1.1.0-1.fc23 (FEDORA-2016-b2ac0ceeb8)
RESTful DICOM server for healthcare and medical research
--------------------------------------------------------------------------------
Update Information:
New upstream version
--------------------------------------------------------------------------------
================================================================================
pbuilder-0.225.1-1.fc23 (FEDORA-2016-d0ddbf7d51)
Personal package builder for Debian packages
--------------------------------------------------------------------------------
Update Information:
Update to version 0.225.1, see
http://metadata.ftp-master.debian.org/changelogs//main/p/pbuilder/pbuilder_0.225.1_changelog
for details.
--------------------------------------------------------------------------------
================================================================================
py3status-3.0-1.fc23 (FEDORA-2016-6aebe22ae9)
An extensible i3status wrapper written in python
--------------------------------------------------------------------------------
Update Information:
update to version 3.0
--------------------------------------------------------------------------------
================================================================================
pyobd-0.9.3-3.fc23 (FEDORA-2016-c3a29222dd)
OBD-II (SAE-J1979) compliant scantool software
--------------------------------------------------------------------------------
Update Information:
This is an update adding an SVG icon and fixing an exception when an invalid
device is specified.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1231476 - [abrt] pyobd: serialposix.py:289:open:OSError: [Errno 13]
Permission denied: '/dev/ttyS0'
https://bugzilla.redhat.com/show_bug.cgi?id=1231476
[ 2 ] Bug #1157565 - Application icon is too small to be used in the software center
https://bugzilla.redhat.com/show_bug.cgi?id=1157565
--------------------------------------------------------------------------------
================================================================================
python-flower-0.8.4-1.fc23 (FEDORA-2016-f7d3f34fbe)
A web based tool for monitoring and administrating Celery clusters
--------------------------------------------------------------------------------
Update Information:
Bump to version 0.8.4
--------------------------------------------------------------------------------
================================================================================
python-maxminddb-1.2.1-1.fc23 (FEDORA-2016-1ed8e00c19)
Reader for the MaxMind DB format
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1350429 - Review Request: python-maxminddb - Reader for the MaxMind DB
format
https://bugzilla.redhat.com/show_bug.cgi?id=1350429
--------------------------------------------------------------------------------
================================================================================
python-stuf-0.9.16-7.fc23 (FEDORA-2016-68834a8bf9)
Fancy python dictionary types
--------------------------------------------------------------------------------
Update Information:
Re-bundle 'six' since it is highly customized.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335144 - python-stuf: ImportError: cannot import name items
https://bugzilla.redhat.com/show_bug.cgi?id=1335144
--------------------------------------------------------------------------------
================================================================================
rpkg-1.45-2.fc23 (FEDORA-2016-caf9693898)
Utility for interacting with rpm+git packaging systems
--------------------------------------------------------------------------------
Update Information:
This new release contains several enhancements and bug fixes and is more
compatible with Python 3.
--------------------------------------------------------------------------------
================================================================================
torrent-file-editor-0.3.0-1.fc23 (FEDORA-2016-1e75818de2)
Qt based GUI tool designed to create and edit .torrent files
--------------------------------------------------------------------------------
Update Information:
Bump to v0.3.0
--------------------------------------------------------------------------------
================================================================================
yamllint-1.3.2-1.fc23 (FEDORA-2016-4996a577d3)
A linter for YAML files
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------