The following Fedora 21 Security updates need testing: Age URL 286 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1467 openstack-glance-2014.1.3-4.fc21 166 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9141 ceph-deploy-1.5.25-1.fc21 155 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9744 squid-3.4.13-1.fc21 99 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12773 python-kdcproxy-0.3.2-1.fc21 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1fed73bab8 conntrack-tools-1.4.2-9.fc21 78 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14179 libreswan-3.15-1.fc21 78 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14200 sblim-sfcb-1.4.8-5.fc21 70 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14852 libwmf-0.2.8.4-46.fc21 53 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16238 nagios-4.0.8-1.fc21 40 https://bodhi.fedoraproject.org/updates/FEDORA-2015-af1b712fce python-pymongo-3.0.3-1.fc21 40 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d292a98f01 cyrus-imapd-2.4.18-1.fc21 40 https://bodhi.fedoraproject.org/updates/FEDORA-2015-048e95ac1d thunderbird-38.3.0-1.fc21 34 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d683ebb786 postgresql-9.3.10-1.fc21 32 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1f9e79df21 audiofile-0.3.6-9.fc21 26 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6542ab6d3a libreport-2.3.0-10.fc21 abrt-2.3.0-12.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-47cf97f125 git-2.1.0-6.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-780302029a dovecot-2.2.19-1.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fed35dffd7 perl-HTML-Scrubber-0.15-1.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-69e6c3607f miniupnpc-1.9-6.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-cfea96144a wpa_supplicant-2.0-16.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-240dd21cb6 perl-IPTables-Parse-1.5-2.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bf4adb12aa drupal7-jquery_update-2.7-1.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bd6d51590e wildmagic5-5.13-12.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-136a34204f MUMPS-5.0.1-4.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3471dfb5b4 snappy-player-1.0-7.20151010git166a98.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a117082cd2 owncloud-8.0.9-1.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0080239274 sudo-1.8.15-1.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-446074b60f m2crypto-0.22.5-2.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-200d2dfd9f krb5-1.12.2-19.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0f405832d3 libsndfile-1.0.25-16.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8812d60d65 tubo-5.0.15-3.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-624b7176ff librfm-5.3.16-8.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f92fd549f1 libreoffice-4.3.7.2-13.fc21 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e75992a62a putty-0.65-2.fc21 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a3965fd800 pdns-3.4.7-1.fc21 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a275fd68f2 zarafa-7.1.14-1.fc21 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f150b2a8c8 xen-4.4.3-8.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f2c534bc12 kernel-4.1.13-100.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-501493d853 libpng10-1.0.64-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-038912089d sundials-2.6.2-11.fc21 The following Fedora 21 Critical Path updates have yet to be approved: Age URL 104 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12402 gstreamer1-plugins-good-1.4.5-3.fc21 92 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13239 yum-3.4.3-154.fc21 83 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13877 libteam-1.18-1.fc21 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13805 tigervnc-1.5.0-2.fc21 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-90d3a9ce48 dracut-038-40.git20150819.fc21 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-37e78bb9af btrfs-progs-4.1.2-1.fc21 40 https://bodhi.fedoraproject.org/updates/FEDORA-2015-048e95ac1d thunderbird-38.3.0-1.fc21 40 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ff9eaa3e01 device-mapper-multipath-0.4.9-68.fc21.6 36 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9e6a99b895 gnome-terminal-3.14.3-2.fc21 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f01da0e4b8 spatialite-tools-4.2.0-15.fc21 sqlite-3.9.0-1.fc21 26 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6542ab6d3a libreport-2.3.0-10.fc21 abrt-2.3.0-12.fc21 17 https://bodhi.fedoraproject.org/updates/FEDORA-2015-311e897518 dnsmasq-2.75-2.fc21 17 https://bodhi.fedoraproject.org/updates/FEDORA-2015-830a68baaa createrepo_c-0.9.1-1.fc21 15 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06f119f03c hwdata-0.283-1.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2a2f9442ac mingw-libwebp-0.4.4-1.fc21 libwebp-0.4.4-1.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-38c68e7875 linux-firmware-20151030-58.git66d3d8d7.fc21 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-607cc1b079 gdisk-1.0.1-1.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-cfea96144a wpa_supplicant-2.0-16.fc21 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-cd8384936c perl-Getopt-Long-2.48-1.fc21 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-315b5f87f0 vim-7.4.909-1.fc21 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-64068a1f08 crda-3.18_2015.10.22-1.fc21 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0080239274 sudo-1.8.15-1.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0f405832d3 libsndfile-1.0.25-16.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0cef72c8c6 livecd-tools-21.7-1.fc21 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-200d2dfd9f krb5-1.12.2-19.fc21 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bef3629320 perl-Carp-1.38-1.fc21 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f2c534bc12 kernel-4.1.13-100.fc21 The following builds have been pushed to Fedora 21 updates-testing atari++-1.80-1.fc21 icecat-38.3.0-12.fc21 kernel-4.1.13-100.fc21 libpng10-1.0.64-1.fc21 sundials-2.6.2-11.fc21 uwsgi-2.0.11.2-1.fc21 zabbix-2.2.11-1.fc21 zanata-parent-25-1.fc21 Details about builds: ================================================================================ atari++-1.80-1.fc21 (FEDORA-2015-0cda1da5a8) Unix based emulator of the Atari eight bit computers -------------------------------------------------------------------------------- Update Information: - updated to version 1.80 - http://www.xl-project.com/news.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1279847 - atari++-1.80 is available https://bugzilla.redhat.com/show_bug.cgi?id=1279847 -------------------------------------------------------------------------------- ================================================================================ icecat-38.3.0-12.fc21 (FEDORA-2015-253113ed40) GNU version of Firefox browser -------------------------------------------------------------------------------- Update Information: icecat-38.3.0-12.fc23 - ARM neon support disabled on aarch64 icecat-38.3.0-12.fc21 - ARM neon support disabled on aarch64 icecat-38.3.0-12.fc22 - ARM neon support disabled on aarch64 -------------------------------------------------------------------------------- ================================================================================ kernel-4.1.13-100.fc21 (FEDORA-2015-f2c534bc12) The Linux kernel -------------------------------------------------------------------------------- Update Information: kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276437 - CVE-2015-7990 kernel: Race condition when sending message on unbound socket causing NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1276437 [ 2 ] Bug #1271134 - CVE-2015-7799 kernel: net: slip: crash when using PPP character device driver https://bugzilla.redhat.com/show_bug.cgi?id=1271134 [ 3 ] Bug #1277172 - CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception https://bugzilla.redhat.com/show_bug.cgi?id=1277172 [ 4 ] Bug #1278496 - CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception https://bugzilla.redhat.com/show_bug.cgi?id=1278496 -------------------------------------------------------------------------------- ================================================================================ libpng10-1.0.64-1.fc21 (FEDORA-2015-501493d853) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981). Also includes various other small bug fixes as detailed in the package changelog. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123 https://bugzilla.redhat.com/show_bug.cgi?id=1276416 -------------------------------------------------------------------------------- ================================================================================ sundials-2.6.2-11.fc21 (FEDORA-2015-038912089d) Suite of nonlinear solvers -------------------------------------------------------------------------------- Update Information: sundials-2.6.2-11.fc23 - Fixes for EPEL7 - Set mpif77 only for OpenMPI < 1.17 (EPEL7) - Set mpifort for OpenMPI > 1.17 (Fedora) - Set LDFLAGS for EPEL7 - Hardened builds on <F23 - openmpi tests still crash/hang on i686 (Fedora 21) - Rebuilt on Fedora 21 sundials-2.6.2-11.fc21 - Fixes for EPEL7 - Set mpif77 only for OpenMPI < 1.17 (EPEL7) - Set mpifort for OpenMPI > 1.17 (Fedora) - Set LDFLAGS for EPEL7 - Hardened builds on <F23 - openmpi tests still crash/hang on i686 (Fedora 21) - Rebuilt on Fedora 21 sundials-2.6.2-11.fc22 - Fixes for EPEL7 - Set mpif77 only for OpenMPI < 1.17 (EPEL7) - Set mpifort for OpenMPI > 1.17 (Fedora) - Set LDFLAGS for EPEL7 - Hardened builds on <F23 - openmpi tests still crash/hang on i686 (Fedora 21) - Rebuilt on Fedora 21 sundials-2.6.2-11.el7 - Fixes for EPEL7 - Set mpif77 only for OpenMPI < 1.17 (EPEL7) - Set mpifort for OpenMPI > 1.17 (Fedora) - Set LDFLAGS for EPEL7 - Hardened builds on <F23 - openmpi tests still crash/hang on i686 (Fedora 21) - Rebuilt on Fedora 21 -------------------------------------------------------------------------------- ================================================================================ uwsgi-2.0.11.2-1.fc21 (FEDORA-2015-fcb5e9728b) Fast, self-healing, application container server -------------------------------------------------------------------------------- Update Information: With latest stable -------------------------------------------------------------------------------- ================================================================================ zabbix-2.2.11-1.fc21 (FEDORA-2015-23082895f8) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: http://www.zabbix.com/rn2.2.11.php -------------------------------------------------------------------------------- ================================================================================ zanata-parent-25-1.fc21 (FEDORA-2015-1298900d8c) The Project Object Model(pom) files for the Zanata packages -------------------------------------------------------------------------------- Update Information: - Upstream update to 25. - RHEL uses resteasy-base-resteasy-pom instead. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test