The following Fedora 22 Security updates need testing: Age URL 276 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 225 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 157 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 112 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 105 https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d squid-3.4.13-3.fc22 100 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 98 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088 python-pymongo-3.0.3-1.fc22 76 https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87 ntp-4.2.6p5-34.fc22 69 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7 python-pygments-2.0.2-3.fc22 69 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 45 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8413bdd343 abrt-2.6.1-7.fc22 41 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-36.fc22 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-39522bb8c9 php-PHPMailer-5.2.14-1.fc22 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6efa349a85 subversion-1.8.15-1.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8 libsndfile-1.0.25-18.fc22 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f59b94c349 lighttpd-1.4.39-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e13ac5754 nghttp2-1.6.0-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-51195e6b92 openvpn-2.3.10-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cbb76d0e3a pitivi-0.94-5.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-838200213e gajim-0.16.5-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8f950932c1 libxmp-4.3.10-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a6f02951a2 nodejs-ws-1.0.1-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-191ff70357 shotwell-0.23.0-0.1.20160105gitf2fb1f7.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5207e0c1a1 php-5.6.17-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c8956da04 wordpress-4.4.1-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2ac04ea72f wireshark-1.12.9-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a21ce89d3 rsync-3.1.1-7.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e289f41b76 prosody-0.9.9-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf9e2429b5 radicale-1.1.1-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-890e612f52 qemu-2.3.1-10.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 151 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 137 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22 69 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 66 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 63 https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b livecd-tools-22.3-1.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 31 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8083abc683 selinux-policy-3.13.1-128.22.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8 libsndfile-1.0.25-18.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-95d1b16c34 libassuan-2.4.2-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5249975cd3 tigervnc-1.6.0-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8 httpd-2.4.18-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff7a46f05f thunderbird-38.5.0-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc06edc85 NetworkManager-1.0.10-2.fc22 NetworkManager-fortisslvpn-1.0.8-1.fc22 NetworkManager-openconnect-1.0.8-1.fc22 NetworkManager-openswan-1.0.8-1.fc22 NetworkManager-openvpn-1.0.8-1.fc22 NetworkManager-vpnc-1.0.8-1.fc22 network-manager-applet-1.0.10-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d41031d2d0 grep-2.21-8.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8cde92e12a file-5.22-5.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-91d16b7dc4 krb5-1.13.2-11.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46c1b30b79 librsvg2-2.40.13-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7365dd5df4 systemd-219-27.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d77e88459e breeze-icon-theme-5.18.0-1.fc22 extra-cmake-modules-5.18.0-1.fc22 kf5-5.18.0-1.fc22 kf5-attica-5.18.0-1.fc22 kf5-baloo-5.18.0-1.fc22 kf5-bluez-qt-5.18.0-1.fc22 kf5-frameworkintegration-5.18.0-1.fc22 kf5-kactivities-5.18.0-1.fc22 kf5-kapidox-5.18.0-1.fc22 kf5-karchive-5.18.0-1.fc22 kf5-kauth-5.18.0-1.fc22 kf5-kbookmarks-5.18.0-1.fc22 kf5-kcmutils-5.18.0-1.fc22 kf5-kcodecs-5.18.0-1.fc22 kf5-kcompletion-5.18.0-1.fc22 kf5-kconfig-5.18.0-1.fc22 kf5-kconfigwidgets-5.18.0-1.fc22 kf5-kcoreaddons-5.18.0-1.fc22 kf5-kcrash-5.18.0-1.fc22 kf5-kdbusaddons-5.18.0-1.fc22 kf5-kdeclarative-5.18.0-1.fc22 kf5-kded-5.18.0-1.fc22 kf5-kdelibs4support-5.18.0-1.fc22 kf5-kdesignerplugin-5.18.0-1.fc22 kf5-kdesu-5.18.0-1.fc22 kf5-kdewebkit-5.18.0-1.fc22 kf5-kdnssd-5.18.0-1.fc22 kf5-kdoctools-5.18.0-1.fc22 kf5-kemoticons-5.18.0-1.fc22 kf5-kfilemetadata-5.18.0-1.fc22 kf5-kglobalaccel-5.18.0-1.fc22 kf5-kguiaddons-5.18.0-1.fc22 kf5-khtml -5.18.0- 1.fc22 kf5-ki18n-5.18.0-1.fc22 kf5-kiconthemes-5.18.0-1.fc22 kf5-kidletime-5.18.0-1.fc22 kf5-kimageformats-5.18.0-1.fc22 kf5-kinit-5.18.0-1.fc22 kf5-kio-5.18.0-1.fc22 kf5-kitemmodels-5.18.0-1.fc22 kf5-kitemviews-5.18.0-1.fc22 kf5-kjobwidgets-5.18.0-1.fc22 kf5-kjs-5.18.0-1.fc22 kf5-kjsembed-5.18.0-1.fc22 kf5-kmediaplayer-5.18.0-1.fc22 kf5-knewstuff-5.18.0-1.fc22 kf5-knotifications-5.18.0-1.fc22 kf5-knotifyconfig-5.18.0-1.fc22 kf5-kpackage-5.18.0-1.fc22 kf5-kparts-5.18.0-1.fc22 kf5-kpeople-5.18.0-1.fc22 kf5-kplotting-5.18.0-1.fc22 kf5-kpty-5.18.0-1.fc22 kf5-kross-5.18.0-1.fc22 kf5-krunner-5.18.0-1.fc22 kf5-kservice-5.18.0-1.fc22 kf5-ktexteditor-5.18.0-1.fc22 kf5-ktextwidgets-5.18.0-1.fc22 kf5-kunitconversion-5.18.0-1.fc22 kf5-kwallet-5.18.0-2.fc22 kf5-kwidgetsaddons-5.18.0-1.fc22 kf5-kwindowsystem-5.18.0-1.fc22 kf5-kxmlgui-5.18.0-1.fc22 kf5-kxmlrpcclient-5.18.0-1.fc22 kf5-modemmanager-qt-5.18.0-1.fc22 kf5-networkmanager-qt-5.18.0-2.fc22 kf5-plasma-5.18.0-1.fc22 kf5-solid-5.18. 0-1.fc22 kf5-sonnet-5.18.0-1.fc22 kf5-threadweaver-5.18.0-1.fc22 oxygen-icon-theme-5.18.0-1.fc22 The following builds have been pushed to Fedora 22 updates-testing awscli-1.9.16-1.fc22 enki-15.11.0-2.fc22 kanatest-0.4.8-16.fc22 kde-connect-0.9-4.fc22 marsshooter-0.7.6-1.fc22 mbedtls-1.3.16-1.fc22 perl-WWW-Shorten-3.08-1.fc22 php-JsonSchema-1.6.0-1.fc22 php-pear-HTTP-OAuth-0.3.2-1.fc22 qemu-2.3.1-10.fc22 radicale-1.1.1-1.fc22 xflr5-6.12-1.fc22 yash-2.40-1.fc22 Details about builds: ================================================================================ awscli-1.9.16-1.fc22 (FEDORA-2016-4acc3fd114) Universal Command Line Environment for AWS -------------------------------------------------------------------------------- Update Information: First version -------------------------------------------------------------------------------- ================================================================================ enki-15.11.0-2.fc22 (FEDORA-2016-f154dc4371) Text editor for programmers -------------------------------------------------------------------------------- Update Information: obsoletes plugins subpackage, fixes functionality of menu -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292724 - Enki not usable without plugins https://bugzilla.redhat.com/show_bug.cgi?id=1292724 [ 2 ] Bug #1281876 - Review Request: enki - Extensible text editor for programmers https://bugzilla.redhat.com/show_bug.cgi?id=1281876 -------------------------------------------------------------------------------- ================================================================================ kanatest-0.4.8-16.fc22 (FEDORA-2016-387e0a9b41) Hiragana and Katakana drill tool -------------------------------------------------------------------------------- Update Information: Build kanatest on F-22, also backport some fixes from F-23 -------------------------------------------------------------------------------- ================================================================================ kde-connect-0.9-4.fc22 (FEDORA-2016-543ab1ad88) KDE Connect client for communication with smartphones -------------------------------------------------------------------------------- Update Information: New kdeconnect-0.9g release -------------------------------------------------------------------------------- ================================================================================ marsshooter-0.7.6-1.fc22 (FEDORA-2016-14e3287fc2) M.A.R.S. - A Ridiculous Shooter -------------------------------------------------------------------------------- Update Information: - Switch to new upstream: https://github.com/jwrdegoede/M.A.R.S. - Update to 0.7.6 release: - Replace a few non-free fonts and sound files which accidentally slipped in with free alternatives - Add appdata -------------------------------------------------------------------------------- ================================================================================ mbedtls-1.3.16-1.fc22 (FEDORA-2016-11cca392ff) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information: - Update to 1.3.16 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released -------------------------------------------------------------------------------- ================================================================================ perl-WWW-Shorten-3.08-1.fc22 (FEDORA-2016-89f95689d6) Interface to URL shortening sites -------------------------------------------------------------------------------- Update Information: Upgrade to 3.08 (bz#1296197) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1296197 - Upgrade perl-WWW-Shorten to 3.08 https://bugzilla.redhat.com/show_bug.cgi?id=1296197 -------------------------------------------------------------------------------- ================================================================================ php-JsonSchema-1.6.0-1.fc22 (FEDORA-2016-d1f51e40fc) PHP implementation of JSON schema -------------------------------------------------------------------------------- Update Information: **Version1.6.0** * 142 Optional extra arguments for custom error messages * 143 Add constraint factory * 192 Create .gitattributes * 194 bugfix: patternProperties raised errors when the pattern has slashes * 202 Fix CollectionConstraint to allow uniqueItems to be false * 204 Fix path output for required properties * 206 An email is a string, not much else. * 207 Fix non-6 digit microsecond date time formats * 209 RefResolver::$depth restoration after JsonDecodingException **Version1.5.0** * 182 Fix #93 ($ref to local definition not working) -------------------------------------------------------------------------------- ================================================================================ php-pear-HTTP-OAuth-0.3.2-1.fc22 (FEDORA-2016-65fd7a172e) Implementation of the OAuth spec -------------------------------------------------------------------------------- Update Information: **Version 0.3.2** * Fixed PEAR#20426. Authorization header values parsed incorrectly * Added composer support. -------------------------------------------------------------------------------- ================================================================================ qemu-2.3.1-10.fc22 (FEDORA-2016-890e612f52) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * CVE-2015-7549: pci: null pointer dereference issue (bz #1291138) * CVE-2015-8558: DoS by infinite loop in ehci_advance_state (bz #1291309) * CVE-2015-8666: Heap-based buffer overrun during VM migration (bz #1294027) * CVE-2015-8744: vmxnet3: fix crash with short packets (bz #1295440) * CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz #1295442) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291137 - CVE-2015-7549 Qemu: pci: null pointer dereference issue https://bugzilla.redhat.com/show_bug.cgi?id=1291137 [ 2 ] Bug #1277983 - CVE-2015-8558 Qemu: usb: infinite loop in ehci_advance_state results in DoS https://bugzilla.redhat.com/show_bug.cgi?id=1277983 [ 3 ] Bug #1283722 - CVE-2015-8666 Qemu: acpi: heap based buffer overrun during VM migration https://bugzilla.redhat.com/show_bug.cgi?id=1283722 [ 4 ] Bug #1270871 - CVE-2015-8744 Qemu: net: vmxnet3: incorrect l2 header validation leads to a crash via assert(2) call https://bugzilla.redhat.com/show_bug.cgi?id=1270871 [ 5 ] Bug #1270876 - CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a crash via assert(2) call https://bugzilla.redhat.com/show_bug.cgi?id=1270876 -------------------------------------------------------------------------------- ================================================================================ radicale-1.1.1-1.fc22 (FEDORA-2016-cf9e2429b5) A simple CalDAV (calendar) and CardDAV (contact) server -------------------------------------------------------------------------------- Update Information: Version 1.1.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295836 - CVE-2015-8747 CVE-2015-8748 radicale: Multiple security issues fixed in 1.1 https://bugzilla.redhat.com/show_bug.cgi?id=1295836 -------------------------------------------------------------------------------- ================================================================================ xflr5-6.12-1.fc22 (FEDORA-2016-720dec2f42) Analysis tool for airfoils, wings and planes -------------------------------------------------------------------------------- Update Information: Update to version 6.12, see http://sourceforge.net/projects/xflr5/files/6.12/ReleaseNotes.txt for details. -------------------------------------------------------------------------------- ================================================================================ yash-2.40-1.fc22 (FEDORA-2016-dafb6f6776) Yet Another SHell -------------------------------------------------------------------------------- Update Information: New version 2.40 is released. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
