The following Fedora 22 Security updates need testing: Age URL 120 https://admin.fedoraproject.org/updates/FEDORA-2015-5878/echoping-6.1-0.beta.r434svn.1.fc22 69 https://admin.fedoraproject.org/updates/FEDORA-2015-9110/fossil-1.33-1.fc22 69 https://admin.fedoraproject.org/updates/FEDORA-2015-9185/ceph-deploy-1.5.25-1.fc22 58 https://admin.fedoraproject.org/updates/FEDORA-2015-5279/strongswan-5.3.2-1.fc22 38 https://admin.fedoraproject.org/updates/FEDORA-2015-10944/openhpi-3.4.0-2.fc22 25 https://admin.fedoraproject.org/updates/FEDORA-2015-11473/squid-3.4.13-2.fc22 9 https://admin.fedoraproject.org/updates/FEDORA-2015-12001/bzr-2.6.0-8.fc22 9 https://admin.fedoraproject.org/updates/FEDORA-2015-12031/elasticsearch-1.6.1-0.fc22 9 https://admin.fedoraproject.org/updates/FEDORA-2015-12020/uwsgi-2.0.11.1-1.fc22 7 https://admin.fedoraproject.org/updates/FEDORA-2015-12435/xfsprogs-3.2.2-2.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12574/rubygems-2.4.8-100.fc22 6 https://admin.fedoraproject.org/updates/FEDORA-2015-12544/community-mysql-5.6.26-1.fc22 4 https://admin.fedoraproject.org/updates/FEDORA-2015-12657/xen-4.5.1-5.fc22 4 https://admin.fedoraproject.org/updates/FEDORA-2015-12647/lxc-1.1.2-2.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12719/nbd-3.11-1.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12699/devscripts-2.15.8-1.fc22 2 https://admin.fedoraproject.org/updates/FEDORA-2015-12781/python-kdcproxy-0.3.2-1.fc22 2 https://admin.fedoraproject.org/updates/FEDORA-2015-12235/wordpress-4.2.4-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-13001/webkitgtk4-2.8.5-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12921/pcre-8.37-3.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-13002/golang-1.4.2-3.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12923/erlang-17.4-4.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12908/kernel-4.1.4-200.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12961/pure-ftpd-1.0.36-7.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12978/rubygem-rack-1.6.1-2.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12987/nagios-plugins-2.0.3-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 9 https://admin.fedoraproject.org/updates/FEDORA-2015-12153/libfm-1.2.3-12.D20150713gitf47c9ae7ae.fc22 3 https://admin.fedoraproject.org/updates/FEDORA-2015-12696/libidn-1.32-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-13008/pyOpenSSL-0.15.1-1.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12921/pcre-8.37-3.fc22 0 https://admin.fedoraproject.org/updates/FEDORA-2015-12906/exo-0.10.6-4.fc22 The following builds have been pushed to Fedora 22 updates-testing adobe-source-han-sans-cn-fonts-1.004-1.fc22 adobe-source-han-sans-twhk-fonts-1.004-1.fc22 golang-github-jtolds-gls-0-0.2.git9a4a02d.fc22 golang-github-kimor79-gollectd-0-0.3.git1d0fc88.fc22 lttng-ust-2.6.2-2.fc22 php-5.6.12-1.fc22 php-phpunit-DbUnit-1.4.1-1.fc22 puppet-4.1.0-4.fc22 pyOpenSSL-0.15.1-1.fc22 python-jsonpointer-1.9-2.fc22 python-pysaml2-3.0.0-1.fc22 smemstat-0.01.14-1.fc22 Details about builds: ================================================================================ adobe-source-han-sans-cn-fonts-1.004-1.fc22 (FEDORA-2015-13016) Adobe OpenType Pan-CJK font family for Simplified Chinese -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Peng Wu <pwu@xxxxxxxxxx> - 1.004-1 - Update to 1.004 * Tue Jun 16 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.002-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ adobe-source-han-sans-twhk-fonts-1.004-1.fc22 (FEDORA-2015-13016) Adobe OpenType Pan-CJK font family for Traditional Chinese -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Peng Wu <pwu@xxxxxxxxxx> - 1.004-1 - Update to 1.004 -------------------------------------------------------------------------------- ================================================================================ golang-github-jtolds-gls-0-0.2.git9a4a02d.fc22 (FEDORA-2015-13012) Goroutine local storage -------------------------------------------------------------------------------- Update Information: Update spec file to spec-2.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2015 Fridolin Pokorny <fpokorny@xxxxxxxxxx> - 0-0.2.git9a4a02d - Update spec file to spec-2.0 resolves: #1250490 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250490 - Tracker for golang-github-jtolds-gls https://bugzilla.redhat.com/show_bug.cgi?id=1250490 -------------------------------------------------------------------------------- ================================================================================ golang-github-kimor79-gollectd-0-0.3.git1d0fc88.fc22 (FEDORA-2015-13015) A go parser for the collectd binary protocol -------------------------------------------------------------------------------- Update Information: Update spec file to spec-2.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Fridolin Pokorny <fpokorny@xxxxxxxxxx> - 0-0.2.git1d0fc88 - Update spec file to spec-2.0 resolves: #1250491 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0-0.2.git1d0fc88 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250491 - Tracker for golang-github-kimor79-gollectd https://bugzilla.redhat.com/show_bug.cgi?id=1250491 -------------------------------------------------------------------------------- ================================================================================ lttng-ust-2.6.2-2.fc22 (FEDORA-2015-13014) LTTng Userspace Tracer library -------------------------------------------------------------------------------- Update Information: Remove remaining BR for SystemTap SDT and add python as a BR New upstream release -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2015 Suchakra Sharma <suchakra@xxxxxxxxxxxxxxxxx> - 2.6.2-2 - Remove remaining BR for SystemTap SDT and add python as a BR * Thu Jul 23 2015 Michael Jeanson <mjeanson@xxxxxxxxx> - 2.6.2-1 - New upstream release - Drop SystemTap SDT support - Remove patches applied upstream * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1251167 - extraneous "BR: systemtap-sdt-devel" https://bugzilla.redhat.com/show_bug.cgi?id=1251167 [ 2 ] Bug #1251164 - lttng-ust FTBFS in Rawhide due to missing BR: python https://bugzilla.redhat.com/show_bug.cgi?id=1251164 -------------------------------------------------------------------------------- ================================================================================ php-5.6.12-1.fc22 (FEDORA-2015-13006) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: 06 Aug 2015, **PHP 5.6.12** **Core:** * Fixed bug #70012 (Exception lost with nested finally block). (Laruence) * Fixed bug #70002 (TS issues with temporary dir handling). (Anatol) * Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls). (Stas) * Fixed bug #69892 (Different arrays compare indentical due to integer key truncation). (Nikita) * Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref). (Stas) **CLI server:** * Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL). (cmb) * Fixed bug #64878 (304 responses return Content-Type header). (cmb) **GD:** * Fixed bug #53156 (imagerectangle problem with point ordering). (cmb) * Fixed bug #66387 (Stack overflow with imagefilltoborder). (cmb) * Fixed bug #70102 (imagecreatefromwebm() shifts colors). (cmb) * Fixed bug #66590 (imagewebp() doesn't pad to even length). (cmb) * Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px). (cmb) * Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory). (cmb) * Fixed bug #69024 (imagescale segfault with palette based image). (cmb) * Fixed bug #53154 (Zero-height rectangle has whiskers). (cmb) * Fixed bug #67447 (imagecrop() add a black line when cropping). (cmb) * Fixed bug #68714 (copy 'n paste error). (cmb) * Fixed bug #66339 (PHP segfaults in imagexbm). (cmb) * Fixed bug #70047 (gd_info() doesn't report WebP support). (cmb) **ODBC:** * Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns). (cmb) **OpenSSL:** * Fixed bug #69882 (OpenSSL error “key values mismatch” after openssl_pkcs12_read with extra cert) (Tomasz Sawicki) * Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure). (Stas) **Phar:** * Improved fix for bug #69441. (Anatol Belski) * Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory). (Anatol Belski) **SOAP:** * Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions). (Stas) **SPL:** * Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items). (sean.heelan) * Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject). (taoguangchen at icloud dot com) * Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage). (taoguangchen at icloud dot com) * Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList). (taoguangchen at icloud dot com) **Standard:** * Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes). (cmb) -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.6.12-1 - Update to 5.6.12 http://www.php.net/releases/5_6_12.php -------------------------------------------------------------------------------- ================================================================================ php-phpunit-DbUnit-1.4.1-1.fc22 (FEDORA-2015-13017) DbUnit port for PHP/PHPUnit -------------------------------------------------------------------------------- Update Information: New upstream version (only cleanups) -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.4.1-1 - update to 1.4.1 - drop pear provides * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ puppet-4.1.0-4.fc22 (FEDORA-2015-13018) A network tool for managing many disparate systems -------------------------------------------------------------------------------- Update Information: 1251060 - (PUP-4497) Ignore obsoleted packages on update check 1246238 - Puppet agent systemd unit forking mode corrected Puppet agent is started via exec rather than sub-process -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2015 Gaël Chamoulaud <gchamoul@xxxxxxxxxx> 4.1.0-4 - 1251060 - (PUP-4497) Ignore obsoleted packages on update check * Thu Jul 30 2015 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> 4.1.0-3 - 1246238 - Puppet agent systemd unit forking mode corrected * Tue Jul 21 2015 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> 4.1.0-2 - 1246238 - Puppet agent is started via exec rather than sub-process -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246238 - Puppet agent doesn't start cleanly in F22 https://bugzilla.redhat.com/show_bug.cgi?id=1246238 [ 2 ] Bug #1251060 - Provider fails to check for updates if obsoletes are present https://bugzilla.redhat.com/show_bug.cgi?id=1251060 -------------------------------------------------------------------------------- ================================================================================ pyOpenSSL-0.15.1-1.fc22 (FEDORA-2015-13008) Python wrapper module around the OpenSSL library -------------------------------------------------------------------------------- Update Information: New upstream version fixing Python 3 conversion regressions. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> - 0.15.1-1 - Upgrade to 0.15.1 * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Thu May 14 2015 Tomáš Mráz <tmraz@xxxxxxxxxx> - 0.14-4 - allow changing the digest used when exporting CRL and use SHA1 by default -------------------------------------------------------------------------------- References: [ 1 ] Bug #1247733 - Fix regressions in support for bytes / unicode in certain APIs https://bugzilla.redhat.com/show_bug.cgi?id=1247733 -------------------------------------------------------------------------------- ================================================================================ python-jsonpointer-1.9-2.fc22 (FEDORA-2015-13003) Resolve JSON Pointers in Python -------------------------------------------------------------------------------- Update Information: Update to 1.9 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 7 2015 Alan Pevec <apevec@xxxxxxxxx> - 1.9-2 - Update to 1.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1136281 - python-jsonpointer-1.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1136281 -------------------------------------------------------------------------------- ================================================================================ python-pysaml2-3.0.0-1.fc22 (FEDORA-2015-10134) Python implementation of SAML Version 2 -------------------------------------------------------------------------------- Update Information: New package python-pysaml2 - Python implementation of SAML Version 2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1232186 - Review Request: python-pysaml2 - Python implementation of SAML Version 2 https://bugzilla.redhat.com/show_bug.cgi?id=1232186 -------------------------------------------------------------------------------- ================================================================================ smemstat-0.01.14-1.fc22 (FEDORA-2015-13009) Shared memory usage monitoring tool -------------------------------------------------------------------------------- Update Information: New upstream release with minor changes. * Makefile: bump version * Fix null ptr dereference when UID can't be read (LP: #1473245) -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2015 Eduardo Mayorga Téllez <mayorga@xxxxxxxxxxxxxxxxx> - 0.01.14-1 - Update to 0.01.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1241729 - smemstat-0.01.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1241729 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
