The following Fedora 22 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2563/compat-libuv010-0.10.34-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2550/gdm-3.15.90.5-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2553/gtk3-3.15.9-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2569/xdg-utils-1.1.0-0.39.rc3.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-2577/policycoreutils-2.3-16.fc22 The following builds have been pushed to Fedora 22 updates-testing atomic-0-0.5.gita7ff4cb.fc22 compat-libuv010-0.10.34-1.fc22 cutter-1.2.4-4.fc22 datovka-4.1.2-1.fc22 dkms-2.2.0.3-30.git.7c3e7c5.fc22 figlet-2.2.5-7.fc22 fwknop-2.6.3-2.fc22 gdm-3.15.90.5-1.fc22 groonga-5.0.0-1.fc22 gtk3-3.15.9-1.fc22 guacamole-server-0.9.5-2.fc22 ibus-1.5.10-1.fc22 kde-workspace-4.11.16-2.fc22 m17n-db-1.7.0-2.fc22 mod_suphp-0.7.2-1.fc22 nodejs-0.10.36-3.fc22 perl-Parallel-ForkManager-1.12-1.fc22 perl-Params-Validate-1.18-1.fc22 perl-Sys-Mmap-0.17-1.fc22 perl-UNIVERSAL-require-0.18-1.fc22 policycoreutils-2.3-16.fc22 python-matplotlib-1.4.3-3.fc22 rnetclient-2014.2-1.fc22 smbldap-tools-0.9.10-6.fc22 sssd-1.12.4-2.fc22 vino-3.15.90-2.fc22 xdg-utils-1.1.0-0.39.rc3.fc22 xorg-x11-drv-libinput-0.7.0-3.fc22 xu4-1.1-0.23.20150221svn3087.fc22 Details about builds: ================================================================================ atomic-0-0.5.gita7ff4cb.fc22 (FEDORA-2015-2561) Tool for managing ProjectAtomic systems and containers -------------------------------------------------------------------------------- Update Information: build commit#a7ff4cb -------------------------------------------------------------------------------- ================================================================================ compat-libuv010-0.10.34-1.fc22 (FEDORA-2015-2563) Platform layer for node.js - compatibility library for nodejs 0.10.x -------------------------------------------------------------------------------- Update Information: It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:0.10.34-1 - new upstream release 0.10.34 https://github.com/joyent/libuv/blob/v0.10.34/ChangeLog - resolves incorrect revocation while reliquishing privileges security vulnerability (CVE-2015-0278, RHBZ#1194651) * Sat Feb 21 2015 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:0.10.33-4 - add compat symlinks in seperate directory -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194651 - CVE-2015-0278 libuv: incorrect revocation order while relinquishing privileges https://bugzilla.redhat.com/show_bug.cgi?id=1194651 -------------------------------------------------------------------------------- ================================================================================ cutter-1.2.4-4.fc22 (FEDORA-2015-2555) Unit Testing Framework for C/C++ -------------------------------------------------------------------------------- Update Information: Fix FTBFS on F-21 and F-22 (#1182957). -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 13 2015 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 1.2.4-4 - Fix FTBFS on F-21 and above (#1182957). Reported by Mamoru Tasaka. Add support-gdk-pixbuf-2.31.0-or-later.patch to fix it. - Fix to support newer version of GLib error message Add support-g-key-file-error-quark-2.43-or-later-message.patch - Add patches to fix crash test_limit_block bug. test-ensure-dropping-source-ID-when-callback-is-removed.patch gcut-egg-fix-a-bug-that-source-is-removed-twice.patch gcut-egg-fix-a-bug-that-timeout-source-is-removed-twice.patch * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1182957 - FTBFS: cutter-1.2.4-2.fc21 on F-21 and above https://bugzilla.redhat.com/show_bug.cgi?id=1182957 -------------------------------------------------------------------------------- ================================================================================ datovka-4.1.2-1.fc22 (FEDORA-2015-2575) A free graphical interface for Czech Databox (Datové schránky) -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Jan Vcelak <jvcelak@xxxxxxxxxxxxxxxxx> 4.1.2-1 - New upstream release -------------------------------------------------------------------------------- ================================================================================ dkms-2.2.0.3-30.git.7c3e7c5.fc22 (FEDORA-2015-2567) Dynamic Kernel Module Support Framework -------------------------------------------------------------------------------- Update Information: Add which and file requirements, enable license macro where appropriate -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Simone Caronni <negativo17@xxxxxxxxx> - 2.2.0.3-30.git.7c3e7c5 - Add which and file requirements for real. * Tue Feb 24 2015 Simone Caronni <negativo17@xxxxxxxxx> - 2.2.0.3-29.git.7c3e7c5 - Add which and file requirements (#1194652). - Add license macro. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194652 - Missing which and file requirements in dkms package spec file https://bugzilla.redhat.com/show_bug.cgi?id=1194652 -------------------------------------------------------------------------------- ================================================================================ figlet-2.2.5-7.fc22 (FEDORA-2015-2556) A program for making large letters out of ordinary text -------------------------------------------------------------------------------- Update Information: Add license macro. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Simone Caronni <negativo17@xxxxxxxxx> - 2.2.5-7 - Add license macro. - Add upstream patches. -------------------------------------------------------------------------------- ================================================================================ fwknop-2.6.3-2.fc22 (FEDORA-2015-2566) A Single Packet Authorization (SPA) implementation -------------------------------------------------------------------------------- Update Information: Update systemd integration to current standards, fix startup after boot -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Jakub Jelen <jjelen@xxxxxxxxxx> 2.6.3-2 - Make service start after network (#1195303) - Update install scriptlet for systemd (#850124) * Thu Aug 21 2014 Warren Togami <warren@xxxxxxxxxxxx> - 2.6.3-1 - upgrade to fwknop-2.6.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195303 - System attempts to start `fwknopd` before network interfaces online https://bugzilla.redhat.com/show_bug.cgi?id=1195303 [ 2 ] Bug #850124 - Introduce new systemd-rpm macros in fwknop spec file https://bugzilla.redhat.com/show_bug.cgi?id=850124 -------------------------------------------------------------------------------- ================================================================================ gdm-3.15.90.5-1.fc22 (FEDORA-2015-2550) The GNOME Display Manager -------------------------------------------------------------------------------- Update Information: Update to 3.15.90.5. Fixes gnome-initial-setup -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Ray Strode <rstrode@xxxxxxxxxx> - 1:3.15.90.5-1 - Update to 3.15.90.5 - gnome-initial-setup should work again Resolves: #1194948 - X will work better when configured to not need root (still not perfect though) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194948 - gnome-initial-setup fails to start after Fedora 22 Workstation 2015-02-18 install https://bugzilla.redhat.com/show_bug.cgi?id=1194948 -------------------------------------------------------------------------------- ================================================================================ groonga-5.0.0-1.fc22 (FEDORA-2015-2576) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: See http://groonga.org/en/blog/2015/02/09/release.html -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 5.0.0-1 - new upstream release. - enable mruby by default. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1187887 - groonga-5.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1187887 -------------------------------------------------------------------------------- ================================================================================ gtk3-3.15.9-1.fc22 (FEDORA-2015-2553) The GIMP ToolKit (GTK+), a library for creating GUIs for X -------------------------------------------------------------------------------- Update Information: This update fixes a crash of anaconda on 32bit boot media. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Matthias Clasen <mclasen@xxxxxxxxxx> - 3.15.9-1 - Update to 3.15.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185585 - anaconda crashes after continuing from language selection screen https://bugzilla.redhat.com/show_bug.cgi?id=1185585 -------------------------------------------------------------------------------- ================================================================================ guacamole-server-0.9.5-2.fc22 (FEDORA-2015-2559) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information: Add license macro. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Simone Caronni <negativo17@xxxxxxxxx> - 0.9.5-2 - Add license macro. * Tue Feb 24 2015 Simone Caronni <negativo17@xxxxxxxxx> - 0.9.5-1 - Update to 0.9.5. - Remove upstreamed patch. -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.10-1.fc22 (FEDORA-2015-2558) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: This update enables AppIndicator in KDE5. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.10-1 - Bumped to 1.5.10 * Sat Feb 21 2015 Till Maas <opensource@xxxxxxxxx> - 1.5.9-11 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.16-2.fc22 (FEDORA-2015-2565) KDE Workspace -------------------------------------------------------------------------------- Update Information: Strip down kde-workspace package, provide only dependencies needed by remaining KDE 4 applications. The rest is now provided by Plasma 5. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Daniel Vrátil <dvratil@xxxxxxxxxx> 4.11.16-2 - strip down kde-workspace - disable and remove everything provided by Plasma 5 - create kde-workspace-common which obsoletes all removed subpackages -------------------------------------------------------------------------------- ================================================================================ m17n-db-1.7.0-2.fc22 (FEDORA-2015-2549) Multilingualization datafiles for m17n-lib -------------------------------------------------------------------------------- Update Information: Added Minglish input method (rh#1191543) -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Parag Nemade <pnemade AT redhat DOT com> - 1.7.0-2 - Added Minglish input method (rh#1191543) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1191543 - Minglish - New input method for Marathi Language https://bugzilla.redhat.com/show_bug.cgi?id=1191543 -------------------------------------------------------------------------------- ================================================================================ mod_suphp-0.7.2-1.fc22 (FEDORA-2015-2572) An apache2 module for executing PHP scripts with the permissions of their owners -------------------------------------------------------------------------------- Update Information: Upgraded to new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 23 2015 Andreas Thienemann <andreas@xxxxxxxxx> - 0.7.2-1 - Upgraded to new upstream release. - Got rid of Fedora 5 and older compatibility. - Fixed module loading on EL. - Removed userdir handler patch. Seems not necessarily anymore. - Reworked specfile. -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.36-3.fc22 (FEDORA-2015-2573) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Resolves an incorrect dependency on the v8 package that may render the nodejs engine unusable. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.10.36-3 - bump v8 requires (RHBZ#1195457) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195457 - nodejs-0.10.36 causes undefined symbols https://bugzilla.redhat.com/show_bug.cgi?id=1195457 -------------------------------------------------------------------------------- ================================================================================ perl-Parallel-ForkManager-1.12-1.fc22 (FEDORA-2015-2574) Simple parallel processing fork manager -------------------------------------------------------------------------------- Update Information: Update to latest upstream version. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Jason L Tibbitts III <tibbs@xxxxxxxxxxx> - 1.12-1 - Update to latest upstream version. - Use most direct download location. -------------------------------------------------------------------------------- ================================================================================ perl-Params-Validate-1.18-1.fc22 (FEDORA-2015-2570) Params-Validate Perl module -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1.18-1 - Upstream update. - BR: perl(Test::Version). -------------------------------------------------------------------------------- ================================================================================ perl-Sys-Mmap-0.17-1.fc22 (FEDORA-2015-2554) Use mmap to map in a file as a Perl variable -------------------------------------------------------------------------------- Update Information: Update to 0.17. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Jason L Tibbitts III <tibbs@xxxxxxxxxxx> - 0.17-1 - Update to 0.17. -------------------------------------------------------------------------------- ================================================================================ perl-UNIVERSAL-require-0.18-1.fc22 (FEDORA-2015-2564) Require() modules from a variable -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 0.18-1 - Update to 0.18 - Skip the taint test if Perl was compiled without taint support - Changed use of "use vars" to "our" - Added strict and warnings to PREREQ_PM - Classify buildreqs by usage -------------------------------------------------------------------------------- ================================================================================ policycoreutils-2.3-16.fc22 (FEDORA-2015-2577) SELinux policy core utilities -------------------------------------------------------------------------------- Update Information: Requires:audit-libs-python from policycoreutils-python3 subpackage was removed until there'll be python3 ready audit modules. sepolicy-manpage web functionality was slightly changed in order not to use hard coded system strings, but release version from /etc/system-release -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Petr Lautrbach <plautrba@xxxxxxxxxx> 2.3-16 - Temporary removed Requires:audit-libs-python from policycoreutils-python3 subpackage (#1195139) - Simplication of sepolicy-manpage web functionality (#1193552) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195139 - policycoreutils-python3 shouldn't require audit-libs-python https://bugzilla.redhat.com/show_bug.cgi?id=1195139 [ 2 ] Bug #1193552 - Missing selinux-policy manpages https://bugzilla.redhat.com/show_bug.cgi?id=1193552 -------------------------------------------------------------------------------- ================================================================================ python-matplotlib-1.4.3-3.fc22 (FEDORA-2015-2560) Python 2D plotting library -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> - 1.4.3-3 - Use %license, add skimage to build requirements * Tue Feb 17 2015 Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> - 1.4.3-2 - Disable Qt5 backend on Fedora <21 and RHEL * Tue Feb 17 2015 Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> - 1.4.3-1 - New upstream release (#1134007) - Add Qt5 backend * Tue Jan 13 2015 Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> - 1.4.2-1 - Bump to new upstream release - Add qhull-devel to BR - Add six to Requires -------------------------------------------------------------------------------- References: [ 1 ] Bug #1134007 - python-matplotlib-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1134007 -------------------------------------------------------------------------------- ================================================================================ rnetclient-2014.2-1.fc22 (FEDORA-2015-2571) Submit the Brazilian Income Tax Report to the Brazilian Tax Authority -------------------------------------------------------------------------------- Update Information: First version of the Fedora package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155376 - Review Request: rnetclient - Program to submit the Brazilian Tax Report https://bugzilla.redhat.com/show_bug.cgi?id=1155376 -------------------------------------------------------------------------------- ================================================================================ smbldap-tools-0.9.10-6.fc22 (FEDORA-2015-2562) User and group administration tools for Samba/OpenLDAP -------------------------------------------------------------------------------- Update Information: This update fixes an issue in smbldap-usermod in which it cannot modify a user's uid. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Paul Howarth <paul@xxxxxxxxxxxx> - 0.9.10-6 - Add missing export of account_base_rid, needed by smbldap_usermod (#1138608) (https://gna.org/support/?3213) - Use %license where possible -------------------------------------------------------------------------------- References: [ 1 ] Bug #1138608 - smblap-mod uid - Undefined subroutine https://bugzilla.redhat.com/show_bug.cgi?id=1138608 -------------------------------------------------------------------------------- ================================================================================ sssd-1.12.4-2.fc22 (FEDORA-2015-2552) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: Add support for python3 bindings -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Lukas Slebodnik <lslebodn@xxxxxxxxxx> - 1.12.4-2 - Add support for python3 bindings - Add requirement to python3 or python3 bindings - Resolves: rhbz#1014594 - sssd: Support Python 3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1014594 - sssd: Support Python 3 https://bugzilla.redhat.com/show_bug.cgi?id=1014594 -------------------------------------------------------------------------------- ================================================================================ vino-3.15.90-2.fc22 (FEDORA-2015-2557) A remote desktop system for GNOME -------------------------------------------------------------------------------- Update Information: Avoid a critical warning from EggSMClient on startup (#1194174) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 David King <amigadave@xxxxxxxxxxxxx> - 3.15.90-2 - Avoid a critical warning from EggSMClient on startup (#1194174) - Preserve timestamps during install -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194174 - [abrt] vino: _g_log_abort(): vino-server killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1194174 -------------------------------------------------------------------------------- ================================================================================ xdg-utils-1.1.0-0.39.rc3.fc22 (FEDORA-2015-2569) Basic desktop integration functions -------------------------------------------------------------------------------- Update Information: 'xdg-mime query default' return multiple .desktop entries (fdo#60329,#1195718) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.39.rc3 - 'xdg-mime query default' return multiple .desktop entries (fdo#60329,#1195718) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195718 - xdg-mime: generic method can return multiple matches https://bugzilla.redhat.com/show_bug.cgi?id=1195718 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-libinput-0.7.0-3.fc22 (FEDORA-2015-2551) Xorg X11 libinput input driver -------------------------------------------------------------------------------- Update Information: Fix a stack overflow and a crash when setting properties on a disabled device -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2015 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 0.7.0-3 - Fix a crash when setting properties on a disabled device * Wed Feb 25 2015 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 0.7.0-2 - Fix stack smash on pointer init (#1195905) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1195905 - X crashes on Fedora 22 32-bit live images with "stack smashing detected" and a libinput-related backtrace https://bugzilla.redhat.com/show_bug.cgi?id=1195905 -------------------------------------------------------------------------------- ================================================================================ xu4-1.1-0.23.20150221svn3087.fc22 (FEDORA-2015-2568) Ultima IV recreated -------------------------------------------------------------------------------- Update Information: Oops, I screwed up and made the version go backwards. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Jason L Tibbitts III <tibbs@xxxxxxxxxxx> - 1.1-0.23.20150221svn3087 - Oops, I screwed up and made the version go backwards. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
