The following Fedora 22 Security updates need testing: Age URL 250 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 199 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 132 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 116 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1aee5e6f0b conntrack-tools-1.4.2-9.fc22 86 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 80 https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d squid-3.4.13-3.fc22 80 https://bodhi.fedoraproject.org/updates/FEDORA-2015-be2c11d456 subversion-1.8.14-1.fc22 75 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 73 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088 python-pymongo-3.0.3-1.fc22 50 https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87 ntp-4.2.6p5-34.fc22 44 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7 python-pygments-2.0.2-3.fc22 44 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8413bdd343 abrt-2.6.1-7.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-89468612f5 jenkins-1.609.3-4.fc22 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-36.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d64c257cf thunderbird-38.4.0-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3461e976cb libpng10-1.0.65-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d5cc306730 p7zip-15.09-4.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-39522bb8c9 php-PHPMailer-5.2.14-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-020f4b9400 xsupplicant-2.2.0-13.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-686f289aa5 qemu-2.3.1-8.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-233750b6ab libpng15-1.5.25-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b406a8e4f2 qemu-2.3.1-9.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8dd01b09a9 arts-1.5.10-30.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2f4b92ed2e kdelibs3-3.5.10-71.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-08e4af5a20 xen-4.5.2-5.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-90c27b6e91 grub2-2.02-0.18.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-463143720f shellinabox-2.19-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-20df66892b gwenhywfar-4.13.1-5.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7ca4368b0c activemq-5.6.0-14.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-998911cf3f cups-filters-1.4.0-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8b6882339c nodejs-handlebars-4.0.5-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 126 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 111 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22 44 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 41 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 38 https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b livecd-tools-22.3-1.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-82b7665427 koji-1.10.1-1.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc06edc85 NetworkManager-vpnc-1.0.8-1.fc22 NetworkManager-openconnect-1.0.8-1.fc22 NetworkManager-openvpn-1.0.8-1.fc22 NetworkManager-openswan-1.0.8-1.fc22 NetworkManager-fortisslvpn-1.0.8-1.fc22 NetworkManager-1.0.8-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f194dc9900 librsvg2-2.40.12-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d64c257cf thunderbird-38.4.0-1.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4daef06c07 nautilus-3.16.3-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f03bcc3731 perl-libwww-perl-6.15-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1b2b67ac30 gnome-online-accounts-3.16.5-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3c934e07c3 kdelibs-4.14.14-4.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8083abc683 selinux-policy-3.13.1-128.22.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d68f8a1cba lua-5.3.2-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c2041fe5a6 gtk2-2.24.29-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1c93bbd1a7 sqlite-3.9.0-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-473007accf util-linux-2.26.2-4.fc22 The following builds have been pushed to Fedora 22 updates-testing activemq-5.6.0-14.fc22 cups-filters-1.4.0-1.fc22 emerald-0.8.9-2.fc22 gambas3-3.8.4-1.fc22 jpnevulator-2.3.1-1.fc22 libinput-1.1.3-1.fc22 lis-1.5.59-1.fc22 nodejs-base64-url-1.2.1-2.fc22 nodejs-builtin-modules-1.1.0-1.fc22 nodejs-dashdash-1.10.1-1.fc22 nodejs-escape-string-regexp-1.0.3-2.fc22 nodejs-fd-0.0.2-1.fc22 nodejs-fd-0.0.2-2.fc22 nodejs-graceful-readlink-1.0.1-1.fc22 nodejs-handlebars-4.0.5-1.fc22 nodejs-has-ansi-2.0.0-1.fc22 nodejs-inherit-2.2.2-2.fc22 nodejs-rndm-1.2.0-1.fc22 perl-App-FatPacker-0.010005-1.fc22 perl-CPAN-2.05-310.fc22 perl-File-BOM-0.15-1.fc22 php-solarium-3.5.0-1.fc22 python-parse_type-0.3.4-5.fc22 rabbitmq-server-3.5.7-1.fc22 skylable-sx-2.0-1.fc22 sysreporter-3.0.0-0.1.alpha3.fc22 tintin-2.01.1-3.fc22 uwsgi-2.0.11.2-7.fc22 vagrant-registration-1.1.0-2.fc22 wine-1.8-0.2.fc22 Details about builds: ================================================================================ activemq-5.6.0-14.fc22 (FEDORA-2015-7ca4368b0c) Open source messaging and Integration Patterns server -------------------------------------------------------------------------------- Update Information: fix for CVE-2015-5254 (rhbz#1291292,1291293) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291292 - CVE-2015-5254 activemq: unsafe deserialization https://bugzilla.redhat.com/show_bug.cgi?id=1291292 -------------------------------------------------------------------------------- ================================================================================ cups-filters-1.4.0-1.fc22 (FEDORA-2015-998911cf3f) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information: Fixes CVE-2015-8560 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291227 - CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character https://bugzilla.redhat.com/show_bug.cgi?id=1291227 -------------------------------------------------------------------------------- ================================================================================ emerald-0.8.9-2.fc22 (FEDORA-2015-a0553d3989) Themeable window decorator and compositing manager for Compiz -------------------------------------------------------------------------------- Update Information: - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ gambas3-3.8.4-1.fc22 (FEDORA-2015-9fe0467f18) IDE based on a basic interpreter with object extensions -------------------------------------------------------------------------------- Update Information: Update to 3.8.4 -------------------------------------------------------------------------------- ================================================================================ jpnevulator-2.3.1-1.fc22 (FEDORA-2015-cc110e5be4) Serial line sniffer including very simple terminal emulator -------------------------------------------------------------------------------- Update Information: This is new version of jpnevulator. For details see upstream news: https://jpnevulator.snarl.nl/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291672 - jpnevulator-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1291672 -------------------------------------------------------------------------------- ================================================================================ libinput-1.1.3-1.fc22 (FEDORA-2015-b8f71b31d1) Input device library -------------------------------------------------------------------------------- Update Information: libinput 1.1.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1264453 - Thinkpad X220 touchpad movement is jumpy and extremely imprecise https://bugzilla.redhat.com/show_bug.cgi?id=1264453 -------------------------------------------------------------------------------- ================================================================================ lis-1.5.59-1.fc22 (FEDORA-2015-a7a4006f27) A library for solving linear equations and eigenvalue problems -------------------------------------------------------------------------------- Update Information: Update to 1.5.59 -------------------------------------------------------------------------------- ================================================================================ nodejs-base64-url-1.2.1-2.fc22 (FEDORA-2015-ac036635fe) Base64 encode, decode, escape and unescape for URL applications -------------------------------------------------------------------------------- Update Information: Use versioned test instead of hash, and remove test.js from installed files -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278152 - Review Request: nodejs-base64-url - Base64 utilities for url applications https://bugzilla.redhat.com/show_bug.cgi?id=1278152 -------------------------------------------------------------------------------- ================================================================================ nodejs-builtin-modules-1.1.0-1.fc22 (FEDORA-2015-790bd52db0) List of the Node.js builtin modules -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291353 - Review Request: nodejs-builtin-modules - List of the Node.js builtin modules https://bugzilla.redhat.com/show_bug.cgi?id=1291353 -------------------------------------------------------------------------------- ================================================================================ nodejs-dashdash-1.10.1-1.fc22 (FEDORA-2015-04da2c30bd) A light, featureful and explicit option parsing library for node.js -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291076 - Review Request: nodejs-dashdash - A light, featureful and explicit option parsing library for node.js https://bugzilla.redhat.com/show_bug.cgi?id=1291076 -------------------------------------------------------------------------------- ================================================================================ nodejs-escape-string-regexp-1.0.3-2.fc22 (FEDORA-2015-7bf11a2625) Escape RegExp special characters -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291364 - Review Request: nodejs-escape-string-regexp - Escape RegExp special characters https://bugzilla.redhat.com/show_bug.cgi?id=1291364 -------------------------------------------------------------------------------- ================================================================================ nodejs-fd-0.0.2-1.fc22 (FEDORA-2015-25950482e7) File descriptor manager for Node.js -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258222 - Review Request: nodejs-fd - File descriptor manager for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=1258222 -------------------------------------------------------------------------------- ================================================================================ nodejs-fd-0.0.2-2.fc22 (FEDORA-2015-6b847c09fb) File descriptor manager for Node.js -------------------------------------------------------------------------------- Update Information: Increase timeout in check for slow arm builders -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258222 - Review Request: nodejs-fd - File descriptor manager for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=1258222 -------------------------------------------------------------------------------- ================================================================================ nodejs-graceful-readlink-1.0.1-1.fc22 (FEDORA-2015-857ef4239e) The graceful fs.readlink functionality -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291390 - Review Request: nodejs-graceful-readlink - The graceful fs.readlink functionality https://bugzilla.redhat.com/show_bug.cgi?id=1291390 -------------------------------------------------------------------------------- ================================================================================ nodejs-handlebars-4.0.5-1.fc22 (FEDORA-2015-8b6882339c) Mustache extension for Node.js -------------------------------------------------------------------------------- Update Information: Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection ---- New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection https://bugzilla.redhat.com/show_bug.cgi?id=1291742 -------------------------------------------------------------------------------- ================================================================================ nodejs-has-ansi-2.0.0-1.fc22 (FEDORA-2015-556e5184f4) Check if a string has ANSI escape codes -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291391 - Review Request: nodejs-has-ansi - Check if a string has ANSI escape codes https://bugzilla.redhat.com/show_bug.cgi?id=1291391 -------------------------------------------------------------------------------- ================================================================================ nodejs-inherit-2.2.2-2.fc22 (FEDORA-2015-d52974f4af) Inheritance module for Node.js and browsers -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291400 - Review Request: nodejs-inherit - Inheritance module for Node.js and browsers https://bugzilla.redhat.com/show_bug.cgi?id=1291400 -------------------------------------------------------------------------------- ================================================================================ nodejs-rndm-1.2.0-1.fc22 (FEDORA-2015-5cc7bb191b) Random string generator -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278150 - Review Request: nodejs-rndm - Random string generator https://bugzilla.redhat.com/show_bug.cgi?id=1278150 -------------------------------------------------------------------------------- ================================================================================ perl-App-FatPacker-0.010005-1.fc22 (FEDORA-2015-80d197d4e6) Pack dependencies onto a script file -------------------------------------------------------------------------------- Update Information: This release fixes compatibility with Perl 5.6 and corrects build metadata. -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-2.05-310.fc22 (FEDORA-2015-63a85875e6) Query, download and build perl modules from CPAN sites -------------------------------------------------------------------------------- Update Information: This release adds dependency on make because it's needed when building ExtUtils ::MakeMaker-driven distributions. -------------------------------------------------------------------------------- ================================================================================ perl-File-BOM-0.15-1.fc22 (FEDORA-2015-4d36da9e50) Utilities for handling Byte Order Marks -------------------------------------------------------------------------------- Update Information: A new version of File::BOM is available. This release fixes documentation spelling errors. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291662 - perl-File-BOM-0.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1291662 -------------------------------------------------------------------------------- ================================================================================ php-solarium-3.5.0-1.fc22 (FEDORA-2015-12caf0baa0) Solarium PHP Solr client library -------------------------------------------------------------------------------- Update Information: **Version 3.5.0** - 2015-12-09 - improvement: lots of code style fixes - improvement: refactored 'base' plugin class to AbstractPlugin - improvement: removed old PHP environments for Travis, added PHP7 - improvement: set license to a valid SPDX license identifier - bugfix: PHAR generator updated to support namespacing - bugfix: Collations broken for Solr 5 data format - added: Make it possible to bypass (system-wide) proxy setting in Curl adapter - improvement: Added SensioLabs Insight (including lots of fixed in the code based on report) - added: ClientInterface - improvement: Set hard paths in .gitignore to prevent tree lookups - added: Support for facet.contains settings - improvement: updated Symfony event dispatcher dependency to a maintained version - added: docs in repository (markdown format) -------------------------------------------------------------------------------- ================================================================================ python-parse_type-0.3.4-5.fc22 (FEDORA-2015-f373c3f64c) Simplifies to build parse types based on the parse module -------------------------------------------------------------------------------- Update Information: Remove unnecessary dependency on python-enum34 for python3 (#1286457) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1286457 - python3-parse_type requires python3-enum34, but enum is built into python3 https://bugzilla.redhat.com/show_bug.cgi?id=1286457 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.5.7-1.fc22 (FEDORA-2015-ed8f063e6f) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: * Ver. 3.5.7 -------------------------------------------------------------------------------- ================================================================================ skylable-sx-2.0-1.fc22 (FEDORA-2015-11751c65a9) A reliable and scalable storage cluster -------------------------------------------------------------------------------- Update Information: new upstream release SX 2.0 -------------------------------------------------------------------------------- ================================================================================ sysreporter-3.0.0-0.1.alpha3.fc22 (FEDORA-2015-fdc485236d) Basic system reporter with emailing -------------------------------------------------------------------------------- Update Information: Initial build of sysreporter -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291459 - Review Request: sysreporter - Basic system reporter with emailing https://bugzilla.redhat.com/show_bug.cgi?id=1291459 -------------------------------------------------------------------------------- ================================================================================ tintin-2.01.1-3.fc22 (FEDORA-2015-e1eb4ca217) TinTin++, aka tt++, is a free MUD client -------------------------------------------------------------------------------- Update Information: This update enables GnuTLS support in Fedora's tintin++. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291508 - tintin is not compiled with gnutls. https://bugzilla.redhat.com/show_bug.cgi?id=1291508 -------------------------------------------------------------------------------- ================================================================================ uwsgi-2.0.11.2-7.fc22 (FEDORA-2015-2fdab81a7a) Fast, self-healing, application container server -------------------------------------------------------------------------------- Update Information: Adding source to -devel package ---- Latest stable -------------------------------------------------------------------------------- ================================================================================ vagrant-registration-1.1.0-2.fc22 (FEDORA-2015-c98e2f7c62) Automatic guest registration for Vagrant -------------------------------------------------------------------------------- Update Information: Update to 1.1.0 -------------------------------------------------------------------------------- ================================================================================ wine-1.8-0.2.fc22 (FEDORA-2015-6306d811b5) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: **Wine 1.8-rc4** Enabled compiler optimizations since GCC 5.3 claims to fix the issues introduced in GCC 5.0. Please test every app you can to verify that compiler optimizations have not broken anything. **Wine 1.8-rc3** Bug fixes. Code freeze, working towards 1.8 release. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
