The following Fedora 23 Security updates need testing: Age URL 53 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 37 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13824 python-django-1.8.4-1.fc23 35 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5eb2131441 conntrack-tools-1.4.2-9.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14197 sblim-sfcb-1.4.9-4.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13919 ipsilon-1.0.0-5.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15291 ipsilon-1.1.0-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15590 jakarta-commons-httpclient-3.1-23.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15769 bugzilla-4.4.10-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15830 seamonkey-2.35-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16197 python-tornado-4.2.1-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16327 icedtea-web-1.6.1-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1781d1322a squid-3.5.9-6.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5622085024 activemq-5.6.0-12.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-28cfce6702 xen-4.5.1-9.fc23
The following Fedora 23 Critical Path updates have yet to be approved: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15675 lorax-23.18-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15644 perl-Glib-1.313-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15972 exo-0.10.7-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fe57978cc8 anaconda-23.19.5-1.fc23 python-blivet-1.12.5-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16628 iproute-4.1.1-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16600 xorg-x11-server-1.18.0-0.4.20150907.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16593 pulseaudio-7.0-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16570 spatialite-tools-4.3.0-3.fc23 sqlite-3.8.11.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-10e4744c85 libsigc++20-2.6.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-50e979fc90 gdk-pixbuf2-2.32.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d1abc33a15 device-mapper-multipath-0.4.9-80.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-02a4de7500 koji-1.10.0-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1e06faabb7 systemd-222-6.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8774808146 openssh-7.1p1-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-471e2c7417 nginx-1.8.0-13.fc23 mailcap-2.1.45-1.fc23 The following builds have been pushed to Fedora 23 updates-testing apx-0.1-3.fc23 libfreenect-0.5.2-5.fc23 libsigc++20-2.6.1-1.fc23 mingw-gstreamer1-1.6.0-1.fc23 mingw-gstreamer1-plugins-bad-free-1.6.0-1.fc23 mingw-gstreamer1-plugins-base-1.6.0-1.fc23 mingw-gstreamer1-plugins-good-1.6.0-1.fc23 mingw-libsigc++20-2.6.1-1.fc23 mingw-orc-0.4.24-1.fc23 poedit-1.8.5-1.fc23 pygame-1.9.1-19.fc23.20150926 python-markups-0.6.3-4.fc23 rabbitmq-java-client-3.5.5-1.fc23 seahorse-3.17.4-1.fc23 xen-4.5.1-9.fc23 Details about builds: ================================================================================ apx-0.1-3.fc23 (FEDORA-2015-cbc8d8559f) QIX clone, cut into and claim the square area -------------------------------------------------------------------------------- Update Information: avoid duplicated but misplaced license file from doc folder -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266711 - apx: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1266711 -------------------------------------------------------------------------------- ================================================================================ libfreenect-0.5.2-5.fc23 (FEDORA-2015-c0b6719dbf) Device driver for the Kinect -------------------------------------------------------------------------------- Update Information: Add dependency on numpy (rhbz#1265472) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1265472 - Libfreenect depends on numpy but not in SPEC https://bugzilla.redhat.com/show_bug.cgi?id=1265472 -------------------------------------------------------------------------------- ================================================================================ libsigc++20-2.6.1-1.fc23 (FEDORA-2015-10e4744c85) Typesafe signal framework for C++ -------------------------------------------------------------------------------- Update Information: libsigc++ 2.6.1 release, fixing an inadvertent ABI break. -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-1.6.0-1.fc23 (FEDORA-2015-9bedf249d1) MinGW Windows Streaming-Media Framework Runtime -------------------------------------------------------------------------------- Update Information: MinGW cross compiled GStreamer 1.6.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-bad-free-1.6.0-1.fc23 (FEDORA-2015-9bedf249d1) Cross compiled GStreamer1 plug-ins "bad" -------------------------------------------------------------------------------- Update Information: MinGW cross compiled GStreamer 1.6.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-base-1.6.0-1.fc23 (FEDORA-2015-9bedf249d1) Cross compiled GStreamer1 media framework base plug-ins -------------------------------------------------------------------------------- Update Information: MinGW cross compiled GStreamer 1.6.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-good-1.6.0-1.fc23 (FEDORA-2015-9bedf249d1) Cross compiled GStreamer1 plug-ins good -------------------------------------------------------------------------------- Update Information: MinGW cross compiled GStreamer 1.6.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-libsigc++20-2.6.1-1.fc23 (FEDORA-2015-15bc0e82a7) MinGW Windows port of the typesafe signal framework for C++ -------------------------------------------------------------------------------- Update Information: MinGW cross compiled libsigc++ 2.6.1 release, fixing an inadvertent ABI break. -------------------------------------------------------------------------------- ================================================================================ mingw-orc-0.4.24-1.fc23 (FEDORA-2015-9bedf249d1) Cross compiled Oil Run-time Compiler -------------------------------------------------------------------------------- Update Information: MinGW cross compiled GStreamer 1.6.0 release. -------------------------------------------------------------------------------- ================================================================================ poedit-1.8.5-1.fc23 (FEDORA-2015-aa82406b4b) GUI editor for GNU gettext .po files -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ================================================================================ pygame-1.9.1-19.fc23.20150926 (FEDORA-2015-4656005294) Python modules for writing games -------------------------------------------------------------------------------- Update Information: pygame-1.9.1-19.fc23.20150926 - Add python3 support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1119366 - Add python3-pygame subpackage https://bugzilla.redhat.com/show_bug.cgi?id=1119366 -------------------------------------------------------------------------------- ================================================================================ python-markups-0.6.3-4.fc23 (FEDORA-2015-2f439b8219) A wrapper around various text markups -------------------------------------------------------------------------------- Update Information: python-markups-0.6.3-4.fc23 - Yet some more runtime requirements ---- Fix runtime requirements ---- Add python-docutils as runtime requirement ---- New upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266583 - python-markups should depend on python-markdown https://bugzilla.redhat.com/show_bug.cgi?id=1266583 [ 2 ] Bug #1265001 - python-markups should depend on python-docutils https://bugzilla.redhat.com/show_bug.cgi?id=1265001 [ 3 ] Bug #1266584 - python-markups should depend on python-textile https://bugzilla.redhat.com/show_bug.cgi?id=1266584 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-java-client-3.5.5-1.fc23 (FEDORA-2015-09db51930c) Java Advanced Message Queue Protocol client library -------------------------------------------------------------------------------- Update Information: v3.5.5 (rhbz#1266284) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266284 - rabbitmq-java-client-3.5.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1266284 -------------------------------------------------------------------------------- ================================================================================ seahorse-3.17.4-1.fc23 (FEDORA-2015-2e275731a9) A GNOME application for managing encryption keys -------------------------------------------------------------------------------- Update Information: Seahorse 3.17.4 release. * Avoid binding seahorse to the build-time version of GnuPG [#750468] * Fix seahorse shell search provider [#704619] * Use GResource to load UI resources [#752516] * Build fixes [#744503] [#752990] * Updated translations -------------------------------------------------------------------------------- ================================================================================ xen-4.5.1-9.fc23 (FEDORA-2015-28cfce6702) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: ui/vnc: limit client_cut_text msg payload size [CVE-2015-5239] (#1259504), e1000: Avoid infinite loop in processing transmit descriptor [CVE-2015-6815] (#1260224), net: add checks to validate ring buffer pointers [CVE-2015-5279] (#1263278), net: avoid infinite loop when receiving packets [CVE-2015-5278] (#1263281), qemu buffer overflow in virtio-serial [CVE-2015-5745] (#1251354) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257735 - CVE-2015-5239 qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() https://bugzilla.redhat.com/show_bug.cgi?id=1257735 [ 2 ] Bug #1260076 - CVE-2015-6815 qemu: net: e1000: infinite loop issue https://bugzilla.redhat.com/show_bug.cgi?id=1260076 [ 3 ] Bug #1256672 - CVE-2015-5279 qemu: Heap overflow vulnerability in ne2000_receive() function https://bugzilla.redhat.com/show_bug.cgi?id=1256672 [ 4 ] Bug #1256661 - CVE-2015-5278 qemu: Infinite loop in ne2000_receive() function https://bugzilla.redhat.com/show_bug.cgi?id=1256661 [ 5 ] Bug #1251157 - CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial https://bugzilla.redhat.com/show_bug.cgi?id=1251157 -------------------------------------------------------------------------------- -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
