The following Fedora 22 Security updates need testing: Age URL 116 https://admin.fedoraproject.org/updates/FEDORA-2015-5878/echoping-6.1-0.beta.r434svn.1.fc22 65 https://admin.fedoraproject.org/updates/FEDORA-2015-9110/fossil-1.33-1.fc22 65 https://admin.fedoraproject.org/updates/FEDORA-2015-9185/ceph-deploy-1.5.25-1.fc22 54 https://admin.fedoraproject.org/updates/FEDORA-2015-5279/strongswan-5.3.2-1.fc22 44 https://admin.fedoraproject.org/updates/FEDORA-2015-10235/opensaml-java-2.5.3-9.fc22,opensaml-java-openws-1.5.5-2.fc22 34 https://admin.fedoraproject.org/updates/FEDORA-2015-10944/openhpi-3.4.0-2.fc22 21 https://admin.fedoraproject.org/updates/FEDORA-2015-11473/squid-3.4.13-2.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12001/bzr-2.6.0-8.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12031/elasticsearch-1.6.1-0.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12037/drupal6-cck-2.10-1.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12011/mantis-1.2.19-3.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12020/uwsgi-2.0.11.1-1.fc22 5 https://admin.fedoraproject.org/updates/FEDORA-2015-12235/wordpress-4.2.3-1.fc22 5 https://admin.fedoraproject.org/updates/FEDORA-2015-12252/lighttpd-1.4.36-1.fc22 5 https://admin.fedoraproject.org/updates/FEDORA-2015-12245/openstack-swift-2.2.0-5.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12574/rubygems-2.4.8-100.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12544/community-mysql-5.6.26-1.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12435/xfsprogs-3.2.2-2.fc22 1 https://admin.fedoraproject.org/updates/FEDORA-2015-12657/xen-4.5.1-5.fc22 1 https://admin.fedoraproject.org/updates/FEDORA-2015-12647/lxc-1.1.2-2.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12719/nbd-3.11-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12699/devscripts-2.15.8-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 13 https://admin.fedoraproject.org/updates/FEDORA-2015-11874/perl-HTTP-Message-6.10-1.fc22 5 https://admin.fedoraproject.org/updates/FEDORA-2015-12153/libfm-1.2.3-12.D20150713gitf47c9ae7ae.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12696/libidn-1.32-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12713/bash-4.3.39-6.fc22 The following builds have been pushed to Fedora 22 updates-testing antimicro-2.17-1.fc22 armadillo-5.300.4-1.fc22 bash-4.3.39-6.fc22 devscripts-2.15.8-1.fc22 globus-gass-cache-9.7-1.fc22 globus-gram-job-manager-14.27-1.fc22 globus-proxy-utils-6.13-1.fc22 globus-simple-ca-4.22-1.fc22 gnome-software-3.16.5-1.fc22 libidn-1.32-1.fc22 libpinyin-1.2.0-1.fc22 mintmenu-5.6.4-1.fc22 mod_lookup_identity-0.9.3-1.fc22 nbd-3.11-1.fc22 perl-DateTime-Format-Natural-1.03-1.fc22 perl-Syntax-Highlight-Engine-Kate-0.10-1.fc22 perl-threads-lite-0.034-2.fc22 php-phpunit-PHP-CodeCoverage-2.2.1-1.fc22 php-phpunit-environment-1.3.2-1.fc22 publicsuffix-list-20150731-1.fc22 rebase-helper-0.6.0-1.fc22 Details about builds: ================================================================================ antimicro-2.17-1.fc22 (FEDORA-2015-12692) Graphical program used to map keyboard buttons and mouse controls to a gamepad -------------------------------------------------------------------------------- Update Information: new upstream release v2.17 (#1249393) new upstream release v2.16 (#1246074) -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 2 2015 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.17-1 - new upstream release v2.17 (#1249393) * Fri Jul 24 2015 Jeff Backus <jeff.backus@xxxxxxxxx> - 2.16-1 - new upstream release v2.16 (#1246074) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249393 - antimicro-2.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1249393 [ 2 ] Bug #1246074 - antimicro-2.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1246074 -------------------------------------------------------------------------------- ================================================================================ armadillo-5.300.4-1.fc22 (FEDORA-2015-12691) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: Version 5.300.4 (Plutocracy Incorporated) * added generalised Schur decomposition: qz() * added .has_inf() and .has_nan() * expanded interp1() to handle out-of-domain locations * expanded sparse matrix class with .set_imag() and .set_real() * expanded imag(), real() and conj() to handle sparse matrices * expanded diagmat(), reshape() and resize() to handle sparse matrices * faster sparse sum() * faster row-wise sum(), mean(), min(), max() * updated physical constants to NIST 2014 CODATA values * fixes for handling sparse submatrix views -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 5.300.4-1 - update to 5.300.4 - add %license tag -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249612 - armadillo-5.300.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1249612 -------------------------------------------------------------------------------- ================================================================================ bash-4.3.39-6.fc22 (FEDORA-2015-12713) The GNU Bourne Again shell -------------------------------------------------------------------------------- Update Information: Ancient memory leak came up again, fix taken from upstream's devel branch. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Ondrej Oprala - 4.3.39-6 - #1245233 - fixed memleak -------------------------------------------------------------------------------- References: [ 1 ] Bug #1245233 - bash script shows memory leak https://bugzilla.redhat.com/show_bug.cgi?id=1245233 -------------------------------------------------------------------------------- ================================================================================ devscripts-2.15.8-1.fc22 (FEDORA-2015-12699) Scripts for Debian Package maintainers -------------------------------------------------------------------------------- Update Information: Update to version 2.15.8, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.8_changelog for details. Fixes CVE-2015-5705. Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.7_changelog for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.7_changelog for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogs//main/d/devscripts/devscripts_2.15.6_changelog for details. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.8-1 - Update to 2.15.8 * Sat Aug 1 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.7-1 - Update to 2.15.7 * Sat Aug 1 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.6-2 - Fix licensecheck incorrectly detecting mime strings such as text/x-c++ as a binary file (#1249227) * Wed Jul 29 2015 Sandro Mani <manisandro@xxxxxxxxx> - 2.15.6-1 - Update to 2.15.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249635 - CVE-2015-5704 devscripts: arbitrary shell command injection https://bugzilla.redhat.com/show_bug.cgi?id=1249635 [ 2 ] Bug #1249645 - CVE-2015-5705 devscripts: argument injection vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1249645 -------------------------------------------------------------------------------- ================================================================================ globus-gass-cache-9.7-1.fc22 (FEDORA-2015-12707) Globus Toolkit - Globus Gass Cache -------------------------------------------------------------------------------- Update Information: Globus Toolkit updates: * globus-gass-cache 9.7 * globus-gram-job-manager 14.27 * globus-proxy-utils 6.13 * globus-simple-ca 4.22 Fixed issues: * https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca * https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash * https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 9.7-1 - GT6 update: GT-618: GASS Cache error mishandling causes crash * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 9.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ globus-gram-job-manager-14.27-1.fc22 (FEDORA-2015-12707) Globus Toolkit - GRAM Jobmanager -------------------------------------------------------------------------------- Update Information: Globus Toolkit updates: * globus-gass-cache 9.7 * globus-gram-job-manager 14.27 * globus-proxy-utils 6.13 * globus-simple-ca 4.22 Fixed issues: * https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca * https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash * https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 14.27-1 - GT6 update: GT-619: Uninitialized data in job manager cause crash -------------------------------------------------------------------------------- ================================================================================ globus-proxy-utils-6.13-1.fc22 (FEDORA-2015-12707) Globus Toolkit - Globus GSI Proxy Utility Programs -------------------------------------------------------------------------------- Update Information: Globus Toolkit updates: * globus-gass-cache 9.7 * globus-gram-job-manager 14.27 * globus-proxy-utils 6.13 * globus-simple-ca 4.22 Fixed issues: * https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca * https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash * https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 6.13-1 - GT6 update: Add explicit name comparison mode selection option -------------------------------------------------------------------------------- ================================================================================ globus-simple-ca-4.22-1.fc22 (FEDORA-2015-12707) Globus Toolkit - Simple CA Utility -------------------------------------------------------------------------------- Update Information: Globus Toolkit updates: * globus-gass-cache 9.7 * globus-gram-job-manager 14.27 * globus-proxy-utils 6.13 * globus-simple-ca 4.22 Fixed issues: * https://globus.atlassian.net/browse/GT-617: Use 4096-bit RSA key for globus-simple-ca * https://globus.atlassian.net/browse/GT-618: GASS Cache error mishandling causes crash * https://globus.atlassian.net/browse/GT-619: Uninitialized data in job manager cause crash -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 4.22-1 - GT6 update: Use 4096-bit RSA key for globus-simple-ca * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.20-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.16.5-1.fc22 (FEDORA-2015-12712) A software center for GNOME -------------------------------------------------------------------------------- Update Information: gnome-software 3.16.5 release. * Show installation progress when installing apps * Several improvements to featured app banners * Fix a possible crash when launching an installed app * Update the styling of the history dialog to make sure unclickable rows don't appear clickable * Make sure apps that aren't installable are properly hidden in the category view * Fix an issue that caused "Source: Unknown" to be shown in the app details view -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Kalev Lember <klember@xxxxxxxxxx> - 3.16.5-1 - Update to 3.16.5 -------------------------------------------------------------------------------- ================================================================================ libidn-1.32-1.fc22 (FEDORA-2015-12696) Internationalized Domain Name support library -------------------------------------------------------------------------------- Update Information: This update fixes a crash with malformed UTF-8. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Miroslav Lichvar <mlichvar@xxxxxxxxxx> - 1.32-1.fc22 - update to 1.32 -------------------------------------------------------------------------------- ================================================================================ libpinyin-1.2.0-1.fc22 (FEDORA-2015-12702) Library to deal with pinyin -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Peng Wu <pwu@xxxxxxxxxx> - 1.2.0-1 - Update to 1.2.0 -------------------------------------------------------------------------------- ================================================================================ mintmenu-5.6.4-1.fc22 (FEDORA-2015-12700) Advanced Menu for the MATE Desktop -------------------------------------------------------------------------------- Update Information: - update to 5.6.4 release -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 2 2015 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 5.6.4-1 - update to 5.6.4 release - adjust mintmenu_datadir.patch - adjust mintmenu_run-as-superuser.patch - install %{_datadir}/linuxmint/mintMenu/search_engines - adjust icon cache scriptlets - adjust panel icon * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mod_lookup_identity-0.9.3-1.fc22 (FEDORA-2015-12697) Apache module to retrieve additional information about the authenticated user -------------------------------------------------------------------------------- Update Information: Rebase mod_lookup_identity to 0.9.3 to get the LookupUserByCertificate functionality. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Jan Pazdziora <jpazdziora@xxxxxxxxxx> - 0.9.3-1 - Added LookupUserByCertificate. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249517 - Rebase mod_lookup_identity to 0.9.3 to get the LookupUserByCertificate functionality https://bugzilla.redhat.com/show_bug.cgi?id=1249517 -------------------------------------------------------------------------------- ================================================================================ nbd-3.11-1.fc22 (FEDORA-2015-12719) Network Block Device user-space tools (TCP version) -------------------------------------------------------------------------------- Update Information: * Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847]. -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 11 2015 Christopher Meng <rpm@xxxxxxxx> - 3.11-1 - Update to 3.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222027 - CVE-2015-0847 nbd: nbd-server denial of service due to unsafe signal handlers https://bugzilla.redhat.com/show_bug.cgi?id=1222027 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Format-Natural-1.03-1.fc22 (FEDORA-2015-12701) Create machine readable date/time with natural parsing logic -------------------------------------------------------------------------------- Update Information: A new version of DateTime::Format::Natural is available. See http://cpansearch.perl.org/src/SCHUBIGER/DateTime-Format-Natural-1.03/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Petr Šabata <contyk@xxxxxxxxxx> - 1.03-1 - 1.03 bump * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.02-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat Jun 6 2015 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 1.02-2 - Perl 5.22 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249431 - perl-DateTime-Format-Natural-1.03 is available https://bugzilla.redhat.com/show_bug.cgi?id=1249431 -------------------------------------------------------------------------------- ================================================================================ perl-Syntax-Highlight-Engine-Kate-0.10-1.fc22 (FEDORA-2015-12709) Port to Perl of the syntax highlight engine of the Kate text editor -------------------------------------------------------------------------------- Update Information: This release improves documentation. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 0.10-1 - 0.10 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249360 - perl-Syntax-Highlight-Engine-Kate-0.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1249360 -------------------------------------------------------------------------------- ================================================================================ perl-threads-lite-0.034-2.fc22 (FEDORA-2015-12693) Actor model threading for Perl -------------------------------------------------------------------------------- Update Information: Disable tests on AArch64 platform as a workaround for relesed Fedoras. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Petr Pisar <ppisar@xxxxxxxxxx> - 0.034-2 - Disable checks on aarch64 (bug #719874) -------------------------------------------------------------------------------- References: [ 1 ] Bug #719874 - perl-threads-lite keeps hanging during self checks https://bugzilla.redhat.com/show_bug.cgi?id=719874 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHP-CodeCoverage-2.2.1-1.fc22 (FEDORA-2015-12102) PHP code coverage information -------------------------------------------------------------------------------- Update Information: **php-code-coverage 2.2.1** - 2015-08-02 * Bumped required version of sebastian/environment to 1.3.1 for #365 **php-code-coverage 2.2.0** - 2015-08-01 * Added a driver for PHPDBG (requires PHP 7) * Added PHP_CodeCoverage::setDisableIgnoredLines() to disable the ignoring of lines using annotations such as @codeCoverageIgnore -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 2 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.2.1-1 - update to 2.2.1 (no change) - raise dependency on sebastian/environment ~1.3.1 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-environment-1.3.2-1.fc22 (FEDORA-2015-12102) Handle HHVM/PHP environments -------------------------------------------------------------------------------- Update Information: **php-code-coverage 2.2.1** - 2015-08-02 * Bumped required version of sebastian/environment to 1.3.1 for #365 **php-code-coverage 2.2.0** - 2015-08-01 * Added a driver for PHPDBG (requires PHP 7) * Added PHP_CodeCoverage::setDisableIgnoredLines() to disable the ignoring of lines using annotations such as @codeCoverageIgnore -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.2-1 - update to 1.3.2 * Sun Jul 26 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.0-1 - update to 1.3.0 -------------------------------------------------------------------------------- ================================================================================ publicsuffix-list-20150731-1.fc22 (FEDORA-2015-12694) Cross-vendor public domain suffix database -------------------------------------------------------------------------------- Update Information: The latest revision - 20150731 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 3 2015 Yanko Kaneti <yaneti@xxxxxxxxxxx> - 20150731-1 - The latest revision - 20150731 - Move to the new upstream filename. Install a compat symlink for now * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20150506-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rebase-helper-0.6.0-1.fc22 (FEDORA-2015-12690) The tool which helps you with rebase package -------------------------------------------------------------------------------- Update Information: New upstream version 0.6.0 (#1249518) -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 31 2015 Petr Hracek <phracek@xxxxxxxxxx> - 0.6.0-1 - New upstream version 0.6.0 (#1249518) * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249518 - rebase-helper-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1249518 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
