The following Fedora 22 Security updates need testing: Age URL 330 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 279 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 212 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 166 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 160 https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d squid-3.4.13-3.fc22 155 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 124 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 88 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 73 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 47 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0609474cf6 389-ds-base-1.3.4.8-1.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5cb344dd7e community-mysql-5.6.29-1.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e21be93421 gummi-0.6.6-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7942ee2cc5 libssh2-1.5.0-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc9e8da03c libssh-0.7.3-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-266406ab92 drupal6-6.38-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-45d4920315 drupal7-7.43-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ffffab2aa9 libmodbus-3.0.6-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f8121efdac xen-4.5.2-8.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b19c75d748 tomcat-7.0.68-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5af8e27ce pcre-8.38-3.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff39572e31 exiv2-0.24-5.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0a1a2dd98d php-htmLawed-1.1.21-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6807b3394 openssl-1.0.1k-14.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8c470e191b python-django-1.8.10-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1fb63e3bf3 perl-5.20.3-329.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-baa32758d0 php-5.6.19-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0e3ca94d88 exim-4.85.2-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f490eea10 jenkins-1.609.3-6.fc22 jenkins-remoting-2.53.3-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-11537160e9 websvn-2.3.3-12.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f334957cc hamster-time-tracker-2.0-0.5.rc1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-02ee5b4002 php-udan11-sql-parser-3.4.0-1.fc22 phpMyAdmin-4.5.5.1-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 205 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 124 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 120 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 60 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8 httpd-2.4.18-1.fc22 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 30 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ac4553914 gvfs-1.24.3-1.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7942ee2cc5 libssh2-1.5.0-2.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-636c7a6056 gamin-0.1.10-22.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc9e8da03c libssh-0.7.3-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5317e8cfe thunderbird-38.6.0-3.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b37af739e7 spatialite-tools-4.2.0-20.fc22 sqlite-3.11.0-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff39572e31 exiv2-0.24-5.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507 rpm-4.12.0.1-16.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5af8e27ce pcre-8.38-3.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a4155fbf34 sendmail-8.15.2-2.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9f7a319b77 pcmanfm-1.2.4-1.fc22 libfm-1.2.4-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5ac55135e nspr-4.12.0-1.fc22 nss-util-3.22.2-1.0.fc22 nss-softokn-3.22.2-1.0.fc22 nss-3.22.2-1.0.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9789605ac NetworkManager-1.0.10-3.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1fb63e3bf3 perl-5.20.3-329.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c0444d26e4 sqlite-3.11.0-3.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6807b3394 openssl-1.0.1k-14.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-706c28d619 koji-1.10.1-3.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf56b612e9 libbluray-0.9.2-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a9098ffb04 glibc-2.21-13.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-71be756bbe xfsprogs-4.3.0-1.fc22 The following builds have been pushed to Fedora 22 updates-testing am-utils-6.2.0-12.fc22 bugyou_plugins-0.1.1-1.fc22 cdsclient-3.83-1.fc22 composer-1.0.0-0.21.beta1.fc22 davix-0.6.0-1.fc22 fedfind-2.1.1-1.fc22 fedmsg-0.16.4-1.fc22 hamster-time-tracker-2.0-0.5.rc1.fc22 libpwiz-3.0.9393-1.fc22 mMass-5.5.0-17.fc22 mysqltuner-1.6.0-3.git.a154701.fc22 perl-Test-File-Contents-0.22-1.fc22 php-udan11-sql-parser-3.4.0-1.fc22 phpMyAdmin-4.5.5.1-1.fc22 python-bugzilla2fedmsg-0.3.0-1.fc22 python-cached_property-1.3.0-4.fc22 python-gssapi-1.2.0-1.fc22 python-libcnml-0.9.4-1.fc22 python-pygments-2.1.3-1.fc22 python-wikitcms-2.0.0-1.fc22 relval-2.0.2-1.fc22 xfsprogs-4.3.0-1.fc22 zathura-cb-0.1.5-2.fc22 zathura-djvu-0.2.5-1.fc22 zathura-ps-0.2.3-1.fc22 Details about builds: ================================================================================ am-utils-6.2.0-12.fc22 (FEDORA-2016-1595b03675) Automount utilities including an updated version of Amd -------------------------------------------------------------------------------- Update Information: - fix Linux NFS recognition of umounts. - add systemd dependency on nfs- lock.service. - add get_nfs_xprt() and put_nfs_xprt() functions. - use new get_nfs_xprt() and put_nfs_xprt() functions. - add NFSv3 nfs_quick_reply() functionality. - add NFSv3 rpc request validation. - fix wcc attr usage in unlink3_or_rmdir3(). - use Linux libtirpc if present. -------------------------------------------------------------------------------- ================================================================================ bugyou_plugins-0.1.1-1.fc22 (FEDORA-2016-6d6d30f393) Plugins for Bugyou -------------------------------------------------------------------------------- Update Information: Update setup.py script, remove sample configuration files ---- Add missing dependency, python-libpagure ---- Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309782 - Review Request: bugyou_plugins - Plugins and Services for Bugyou https://bugzilla.redhat.com/show_bug.cgi?id=1309782 -------------------------------------------------------------------------------- ================================================================================ cdsclient-3.83-1.fc22 (FEDORA-2016-a3c6016b30) Tools to query databases at CDS -------------------------------------------------------------------------------- Update Information: new version (3.83) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1314752 - cdsclient-3.83 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314752 -------------------------------------------------------------------------------- ================================================================================ composer-1.0.0-0.21.beta1.fc22 (FEDORA-2016-7094c16ba4) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.0.0-beta1** * Break: By default we now disable any non-secure protocols (http, git, svn). This may lead to issues if you rely on those. See secure-http config option. * Break: show / list command now only show installed packages by default. An --all option is added to show all packages. * Added VCS repo support for the GitLab API, see also gitlab-oauth and gitlab- domains config options * Added prohibits / why-not command to show what blocks an upgrade to a given package:version pair * Added --tree / -t to the show command to see all your installed packages in a tree view * Added --interactive / -i to the update command, which lets you pick packages to update interactively * Added exec command to run binaries while having bin-dir in the PATH for convenience * Added --root-reqs to the update command to update only your direct, first degree dependencies * Added cafile and capath config options to control HTTPS certificate authority * Added pubkey verification of composer.phar when running self-update * Added possibility to configure per- package preferred-install types for more flexibility between prefer-source and prefer-dist * Added unpushed-changes detection when updating dependencies and in the status command * Added COMPOSER_AUTH env var that lets you pass a json configuration like the auth.json file * Added secure-http and disable-tls config options to control HTTPS/HTTP * Added warning when Xdebug is enabled as it reduces performance quite a bit, hide it with COMPOSER_DISABLE_XDEBUG_WARN=1 if you must * Added duplicate key detection when loading composer.json * Added sort-packages config option to force sorting of the requirements when using the require command * Added support for the XDG Base Directory spec on linux * Added XzDownloader for xz file support * Fixed SSL support to fully verify peers in all PHP versions, unsecure HTTP is also disabled by default * Fixed stashing and cleaning up of untracked files when updating packages * Fixed plugins being enabled after installation even when --no-plugins * Many small bug fixes and additions -------------------------------------------------------------------------------- ================================================================================ davix-0.6.0-1.fc22 (FEDORA-2016-e84b9ee2ac) Toolkit for Http-based file management -------------------------------------------------------------------------------- Update Information: davix 0.6.0 release, see RELEASE-NOTES for changes -------------------------------------------------------------------------------- ================================================================================ fedfind-2.1.1-1.fc22 (FEDORA-2016-104f6683ea) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides the latest releases of fedfind, python-wikitcms and relval. The updated python-cached_property (a dependency of fedfind and python-wikitcms) fixes the package naming and provisions to be consistent between Python 2 and Python 3 and avoid dependency issues. This new 2.x series involves major changes to all three packages to adapt to the [new Fedora compose process](https://www.happyassassin.net/2016/02/15/pungi-4-the-new-generation-of- the-fedora-compose-tools-and-what-it-means-for-qa/). fedfind, in particular, is more incompatible than not with its 1.x series. The interface for python- wikitcms has changed much less (just some additions; there should be no incompatible changes). The `nightly` and `report-auto` subcommands have been removed from relval and the `compose` subcommand can now handle nightly events (without any of the checking the `nightly` subcommand used to do; unattended creation of nightly commands is being moved to a separate fedmsg consumer daemon). `relval` now runs under Python 3 rather than Python 2. All remaining subcommands should be fully compatible with invocations that worked earlier. These major changes are disruptive, but are vital to keep the tools working with the changed compose process. Please see the project pages (and the changelogs included on them) for more details: * [fedfind](https://www.happyassassin.net/fedfind) * [python- wikitcms](https://www.happyassassin.net/wikitcms) * [relval](https://www.happyassassin.net/relval) -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.16.4-1.fc22 (FEDORA-2016-d113f666b8) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: https://github.com/fedora-infra/fedmsg/blob/develop/CHANGELOG.rst#0164 -------------------------------------------------------------------------------- ================================================================================ hamster-time-tracker-2.0-0.5.rc1.fc22 (FEDORA-2016-7f334957cc) The Linux time tracker -------------------------------------------------------------------------------- Update Information: fix a possible ZeroDivisionError when there are bogus database entries -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309613 - [abrt] hamster-time-tracker: connection.py:651:call_blocking:DBusException: org.freedesktop.DBus.Python.ZeroDivisionError: Traceback (most recent call last): https://bugzilla.redhat.com/show_bug.cgi?id=1309613 -------------------------------------------------------------------------------- ================================================================================ libpwiz-3.0.9393-1.fc22 (FEDORA-2016-58456e149f) ProteoWizard software library -------------------------------------------------------------------------------- Update Information: - Update to snapshot 9393 -------------------------------------------------------------------------------- ================================================================================ mMass-5.5.0-17.fc22 (FEDORA-2016-2165fdf9d0) Open Source Mass Spectrometry Tool -------------------------------------------------------------------------------- Update Information: - LIPID MAPS Database updated -------------------------------------------------------------------------------- ================================================================================ mysqltuner-1.6.0-3.git.a154701.fc22 (FEDORA-2016-3a2ffcfff2) MySQL configuration assistant -------------------------------------------------------------------------------- Update Information: New upstream version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1283136 - Query cache efficiency: wrong selects count https://bugzilla.redhat.com/show_bug.cgi?id=1283136 [ 2 ] Bug #1267523 - Use of uninitialized value $mycalc{"total_aria_indexes"} https://bugzilla.redhat.com/show_bug.cgi?id=1267523 -------------------------------------------------------------------------------- ================================================================================ perl-Test-File-Contents-0.22-1.fc22 (FEDORA-2016-ea59def667) Test routines for examining the contents of files -------------------------------------------------------------------------------- Update Information: A new version of Test-File-Contents is available. See http://cpansearch.perl.org/src/DWHEELER/Test-File-Contents-0.22/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1314803 - perl-Test-File-Contents-0.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314803 [ 2 ] Bug #1314802 - perl-Test-File-Contents-0.21-6.fc25 FTBFS: tests fail https://bugzilla.redhat.com/show_bug.cgi?id=1314802 -------------------------------------------------------------------------------- ================================================================================ php-udan11-sql-parser-3.4.0-1.fc22 (FEDORA-2016-02ee5b4002) A validating SQL lexer and parser with a focus on MySQL dialect -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.5.1 (2016-02-29) =============================== This release fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-13 for details. It also inclues fixes for the following bugs: - issue #11971 CREATE UNIQUE INDEX index type is not recognized by parser. - issue #11982 Row count wrong when grouping joined tables. - issue #12012 Column definition with default value and comment in CREATE TABLE exported faulty. - issue #12020 New statement but no delimiter and unexpected token with REPLACE. - issue #12029 Fixed incorrect usage of SQL parser context in SQL export - issue #12048 Fixed inclusion of gettext library from SQL parser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1313698 - CVE-2016-2559 CVE-2016-2562 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313698 [ 2 ] Bug #1313225 - CVE-2016-2560 CVE-2016-2561 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313225 [ 3 ] Bug #1310918 - phpMyAdmin-4.5.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310918 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.5.5.1-1.fc22 (FEDORA-2016-02ee5b4002) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.5.1 (2016-02-29) =============================== This release fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-13 for details. It also inclues fixes for the following bugs: - issue #11971 CREATE UNIQUE INDEX index type is not recognized by parser. - issue #11982 Row count wrong when grouping joined tables. - issue #12012 Column definition with default value and comment in CREATE TABLE exported faulty. - issue #12020 New statement but no delimiter and unexpected token with REPLACE. - issue #12029 Fixed incorrect usage of SQL parser context in SQL export - issue #12048 Fixed inclusion of gettext library from SQL parser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1313698 - CVE-2016-2559 CVE-2016-2562 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313698 [ 2 ] Bug #1313225 - CVE-2016-2560 CVE-2016-2561 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313225 [ 3 ] Bug #1310918 - phpMyAdmin-4.5.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310918 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla2fedmsg-0.3.0-1.fc22 (FEDORA-2016-abca97b63e) Consume BZ messages over STOMP and republish to fedmsg -------------------------------------------------------------------------------- Update Information: Ignore any non-Fedora components, and adjust for our new queue. -------------------------------------------------------------------------------- ================================================================================ python-cached_property-1.3.0-4.fc22 (FEDORA-2016-104f6683ea) A cached-property for decorating methods in Python classes -------------------------------------------------------------------------------- Update Information: This update provides the latest releases of fedfind, python-wikitcms and relval. The updated python-cached_property (a dependency of fedfind and python-wikitcms) fixes the package naming and provisions to be consistent between Python 2 and Python 3 and avoid dependency issues. This new 2.x series involves major changes to all three packages to adapt to the [new Fedora compose process](https://www.happyassassin.net/2016/02/15/pungi-4-the-new-generation-of- the-fedora-compose-tools-and-what-it-means-for-qa/). fedfind, in particular, is more incompatible than not with its 1.x series. The interface for python- wikitcms has changed much less (just some additions; there should be no incompatible changes). The `nightly` and `report-auto` subcommands have been removed from relval and the `compose` subcommand can now handle nightly events (without any of the checking the `nightly` subcommand used to do; unattended creation of nightly commands is being moved to a separate fedmsg consumer daemon). `relval` now runs under Python 3 rather than Python 2. All remaining subcommands should be fully compatible with invocations that worked earlier. These major changes are disruptive, but are vital to keep the tools working with the changed compose process. Please see the project pages (and the changelogs included on them) for more details: * [fedfind](https://www.happyassassin.net/fedfind) * [python- wikitcms](https://www.happyassassin.net/wikitcms) * [relval](https://www.happyassassin.net/relval) -------------------------------------------------------------------------------- ================================================================================ python-gssapi-1.2.0-1.fc22 (FEDORA-2016-aad6d4f916) Python Bindings for GSSAPI (RFC 2743/2744 and extensions) -------------------------------------------------------------------------------- Update Information: New upstream version fixes issue with delegated credential storage. For more information, please see [our upstream release notes](https://github.com/pythongssapi/python-gssapi/releases/tag/v1.2.0) -------------------------------------------------------------------------------- ================================================================================ python-libcnml-0.9.4-1.fc22 (FEDORA-2016-8ca6818f54) libcnml is a CNML parser library for Python -------------------------------------------------------------------------------- Update Information: First commit -------------------------------------------------------------------------------- ================================================================================ python-pygments-2.1.3-1.fc22 (FEDORA-2016-3cbe9ad765) Syntax highlighting engine written in Python -------------------------------------------------------------------------------- Update Information: Update for upstream release. ---- python-pygments-2.0.2-3.fc22 - Backport patch to fix font manager shell injection for BZ#1276321 python- pygments-2.0.2-3.fc23 - Backport patch to fix font manager shell injection for BZ#1276321 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276321 - CVE-2015-8557 python-pygments: Shell injection in FontManager._get_nix_font_path https://bugzilla.redhat.com/show_bug.cgi?id=1276321 -------------------------------------------------------------------------------- ================================================================================ python-wikitcms-2.0.0-1.fc22 (FEDORA-2016-104f6683ea) Fedora QA wiki test management Python library -------------------------------------------------------------------------------- Update Information: This update provides the latest releases of fedfind, python-wikitcms and relval. The updated python-cached_property (a dependency of fedfind and python-wikitcms) fixes the package naming and provisions to be consistent between Python 2 and Python 3 and avoid dependency issues. This new 2.x series involves major changes to all three packages to adapt to the [new Fedora compose process](https://www.happyassassin.net/2016/02/15/pungi-4-the-new-generation-of- the-fedora-compose-tools-and-what-it-means-for-qa/). fedfind, in particular, is more incompatible than not with its 1.x series. The interface for python- wikitcms has changed much less (just some additions; there should be no incompatible changes). The `nightly` and `report-auto` subcommands have been removed from relval and the `compose` subcommand can now handle nightly events (without any of the checking the `nightly` subcommand used to do; unattended creation of nightly commands is being moved to a separate fedmsg consumer daemon). `relval` now runs under Python 3 rather than Python 2. All remaining subcommands should be fully compatible with invocations that worked earlier. These major changes are disruptive, but are vital to keep the tools working with the changed compose process. Please see the project pages (and the changelogs included on them) for more details: * [fedfind](https://www.happyassassin.net/fedfind) * [python- wikitcms](https://www.happyassassin.net/wikitcms) * [relval](https://www.happyassassin.net/relval) -------------------------------------------------------------------------------- ================================================================================ relval-2.0.2-1.fc22 (FEDORA-2016-104f6683ea) Tool for interacting with Fedora QA wiki pages -------------------------------------------------------------------------------- Update Information: This update provides the latest releases of fedfind, python-wikitcms and relval. The updated python-cached_property (a dependency of fedfind and python-wikitcms) fixes the package naming and provisions to be consistent between Python 2 and Python 3 and avoid dependency issues. This new 2.x series involves major changes to all three packages to adapt to the [new Fedora compose process](https://www.happyassassin.net/2016/02/15/pungi-4-the-new-generation-of- the-fedora-compose-tools-and-what-it-means-for-qa/). fedfind, in particular, is more incompatible than not with its 1.x series. The interface for python- wikitcms has changed much less (just some additions; there should be no incompatible changes). The `nightly` and `report-auto` subcommands have been removed from relval and the `compose` subcommand can now handle nightly events (without any of the checking the `nightly` subcommand used to do; unattended creation of nightly commands is being moved to a separate fedmsg consumer daemon). `relval` now runs under Python 3 rather than Python 2. All remaining subcommands should be fully compatible with invocations that worked earlier. These major changes are disruptive, but are vital to keep the tools working with the changed compose process. Please see the project pages (and the changelogs included on them) for more details: * [fedfind](https://www.happyassassin.net/fedfind) * [python- wikitcms](https://www.happyassassin.net/wikitcms) * [relval](https://www.happyassassin.net/relval) -------------------------------------------------------------------------------- ================================================================================ xfsprogs-4.3.0-1.fc22 (FEDORA-2016-71be756bbe) Utilities for managing the XFS filesystem -------------------------------------------------------------------------------- Update Information: Kernel v4.4 and later detects an XFS log problem which is only fixed by xfsprogs v4.3 or later. If you have encountered the inability to mount an xfs filesystem such as: > XFS (dm-3): Mounting V5 Filesystem > XFS (dm-3): Corruption warning: Metadata has LSN (1:16) ahead of current LSN (1:2). > Please unmount and run xfs_repair (>= v4.3) to resolve. > XFS (dm-3): log mount/recovery failed: error -22 XFS (dm-3): log mount failed please update to this version of xfsprogs and run xfs_repair against the filesystem. See also [this email thread](http://marc.info/?l=linux- kernel&m=144785713726096&w=2). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1314795 - Kernel 4.4.3 fails to boot the system on XFS root, erroneous errors due to old xfsprogs https://bugzilla.redhat.com/show_bug.cgi?id=1314795 [ 2 ] Bug #1314605 - xfs_repair will "corrupt" your data https://bugzilla.redhat.com/show_bug.cgi?id=1314605 -------------------------------------------------------------------------------- ================================================================================ zathura-cb-0.1.5-2.fc22 (FEDORA-2016-6ec28ec59d) Comic book support for zathura -------------------------------------------------------------------------------- Update Information: A new version of zathura-cb is available. This release advertises support for URLs. -------------------------------------------------------------------------------- ================================================================================ zathura-djvu-0.2.5-1.fc22 (FEDORA-2016-0db4f9ae83) DjVu support for zathura -------------------------------------------------------------------------------- Update Information: A new version of zathura-djvu is available. This release advertises support for URLs. -------------------------------------------------------------------------------- ================================================================================ zathura-ps-0.2.3-1.fc22 (FEDORA-2016-3d94381cc5) PS support for zathura via libspectre -------------------------------------------------------------------------------- Update Information: A new version of zathura-ps is available. This release advertises support for URLs. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
