The following Fedora 22 Security updates need testing: Age URL 341 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 290 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 223 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 177 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 166 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 135 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 118 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 118 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 99 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 85 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 58 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 47 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-11537160e9 websvn-2.3.3-12.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b004d6d8f7 python-django-1.8.11-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3954061e32 rubygem-actionpack-4.2.0-4.fc22 rubygem-actionview-4.2.0-5.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c71532c5e2 putty-0.67-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb7bdd7063 php-pecl-http-2.5.6-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0 python-tgcaptcha2-0.3.1-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fde759f627 libotr-4.1.1-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9f4012116e drupal6-emfield-2.7-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-38b20aa50f xen-4.5.2-9.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc3740c56e apache-commons-collections-3.2.2-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf tomcat-7.0.68-3.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-161b73fc2c bind99-9.9.8-4.P4.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f95d8ea3ad proftpd-1.3.5b-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40a657cee1 dropbear-2016.72-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0429f34acd torbrowser-launcher-0.2.4-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 217 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 135 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 132 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 118 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 118 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 71 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8 httpd-2.4.18-1.fc22 47 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 41 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b37af739e7 spatialite-tools-4.2.0-20.fc22 sqlite-3.11.0-2.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507 rpm-4.12.0.1-16.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9f7a319b77 pcmanfm-1.2.4-1.fc22 libfm-1.2.4-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9789605ac NetworkManager-1.0.10-3.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-706c28d619 koji-1.10.1-3.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf56b612e9 libbluray-0.9.2-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-11b32d067d gtk2-2.24.30-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76aa957f67 gnutls-3.3.22-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a55a84a795 kernel-4.4.5-200.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 The following builds have been pushed to Fedora 22 updates-testing ansible1.9-1.9.4-2.fc22 armadillo-6.600.4-1.fc22 bugwarrior-1.4.0-1.fc22 distribution-gpg-keys-1.4-1.fc22 efl-1.17.0-4.fc22 fuse-zip-0.4.2-1.fc22 globus-common-16.2-1.fc22 globus-proxy-utils-6.15-1.fc22 gnome-abrt-1.2.0-5.fc22 hgsvn-0.3.15-1.fc22 libbson-1.3.4-1.fc22 libtranslate-0.99-100.fc22 lilypond-2.19.38-1.fc22 lilypond-doc-2.19.38-1.fc22 menulibre-2.1.2-4.fc22 myproxy-6.1.17-1.fc22 perl-Canary-Stability-2011-1.fc22 php-di-5.2.2-2.fc22 php-guzzlehttp-promises-1.1.0-1.fc22 php-paragonie-random-compat-1.2.2-1.fc22 php-phpunit-PHPUnit-4.8.24-1.fc22 python-babelfish-0.5.5-2.fc22 python-productmd-1.0-13.fc22 rubygem-domain_name-0.5.20160309-1.fc22 scummvm-1.8.0-1.fc22 scummvm-tools-1.8.0-1.fc22 sddm-0.13.0-6.fc22 svxlink-15.11-1.fc22 tilda-1.3.2-1.fc22 torbrowser-launcher-0.2.4-1.fc22 upower-0.99.3-2.fc22 xpad-4.7.0-1.fc22 Details about builds: ================================================================================ ansible1.9-1.9.4-2.fc22 (FEDORA-2016-e1ba0aa07d) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: New compat package to provide ansible 1.x for people transitioning from older ansible to the ansible-2.0 package. -------------------------------------------------------------------------------- ================================================================================ armadillo-6.600.4-1.fc22 (FEDORA-2016-38162cfd1c) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: New stable armadillo release with the following changes: * fix for gmm_diag when using Mahalanobis distance * expanded sum(), mean(), min(), max() to handle cubes * expanded Cube class to handle arbitrarily sized empty cubes (eg. 0x5x2) * added shift() for circular shifts of elements * added sqrtmat() for finding the square root of a matrix. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317870 - armadillo-6.600.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317870 -------------------------------------------------------------------------------- ================================================================================ bugwarrior-1.4.0-1.fc22 (FEDORA-2016-bb4adac898) Sync github, bitbucket, and trac issues with taskwarrior -------------------------------------------------------------------------------- Update Information: Latest upstream. https://github.com/ralphbean/bugwarrior/blob/develop/CHANGELOG.rst#140 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317164 - bugwarrior-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317164 -------------------------------------------------------------------------------- ================================================================================ distribution-gpg-keys-1.4-1.fc22 (FEDORA-2016-d6964b173c) Keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: * updated Copr keys * added mageia keys -------------------------------------------------------------------------------- ================================================================================ efl-1.17.0-4.fc22 (FEDORA-2016-5e75c961ce) Collection of Enlightenment libraries -------------------------------------------------------------------------------- Update Information: - Disable wayland for Fedora 22 and EPEL, as they do not have dependencies -------------------------------------------------------------------------------- ================================================================================ fuse-zip-0.4.2-1.fc22 (FEDORA-2016-be7996eccc) Filesystem to navigate, extract, create and modify ZIP archives -------------------------------------------------------------------------------- Update Information: Update to 0.4.2. -------------------------------------------------------------------------------- ================================================================================ globus-common-16.2-1.fc22 (FEDORA-2016-e3321db2fd) Globus Toolkit - Common Library -------------------------------------------------------------------------------- Update Information: globus-proxy-utils - Better support for checking cert names. globus-common - Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url. -------------------------------------------------------------------------------- ================================================================================ globus-proxy-utils-6.15-1.fc22 (FEDORA-2016-e3321db2fd) Globus Toolkit - Globus GSI Proxy Utility Programs -------------------------------------------------------------------------------- Update Information: globus-proxy-utils - Better support for checking cert names. globus-common - Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url. -------------------------------------------------------------------------------- ================================================================================ gnome-abrt-1.2.0-5.fc22 (FEDORA-2016-fd679e0d84) A utility for viewing problems that have occurred with the system -------------------------------------------------------------------------------- Update Information: - Show HiDPI icons on HiDPI screens - Fix a DeprecationWarning in Python 3.4 (a runtime error in Python 3.5) - Fix a crash when displaying a problem without 'cmdline' item - More minor bugs fixed - Add kudos to the AppData file - Details pane: new design - More minor UI improvements - Translation added: Khmer - Other translation updates -------------------------------------------------------------------------------- ================================================================================ hgsvn-0.3.15-1.fc22 (FEDORA-2016-56f96fb959) A set of scripts to work locally on subversion checkouts using mercurial -------------------------------------------------------------------------------- Update Information: Update to latest upstream release 0.3.15. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1314982 - hgsvn-0.3.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314982 -------------------------------------------------------------------------------- ================================================================================ libbson-1.3.4-1.fc22 (FEDORA-2016-1379c03ff0) Building, parsing, and iterating BSON documents -------------------------------------------------------------------------------- Update Information: This release improves build script. We deliver it only to provide latest version string. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317713 - libbson-1.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317713 -------------------------------------------------------------------------------- ================================================================================ libtranslate-0.99-100.fc22 (FEDORA-2016-21ad411bd8) Natural language translation library -------------------------------------------------------------------------------- Update Information: Update services.xml file -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.38-1.fc22 (FEDORA-2016-448973e3bf) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.38-1.fc22 (FEDORA-2016-448973e3bf) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ menulibre-2.1.2-4.fc22 (FEDORA-2016-0716991b47) FreeDesktop.org compliant menu editor -------------------------------------------------------------------------------- Update Information: Fix a problem where adding a launcher and no directory was selected would emit a type error -------------------------------------------------------------------------------- ================================================================================ myproxy-6.1.17-1.fc22 (FEDORA-2016-e3321db2fd) Manage X.509 Public Key Infrastructure (PKI) security credentials -------------------------------------------------------------------------------- Update Information: globus-proxy-utils - Better support for checking cert names. globus-common - Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url. -------------------------------------------------------------------------------- ================================================================================ perl-Canary-Stability-2011-1.fc22 (FEDORA-2016-eea999568c) Canary to check perl compatibility for Schmorp's modules -------------------------------------------------------------------------------- Update Information: This release fixes color printing. It also improves the message text. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317254 - perl-Canary-Stability-2011 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317254 -------------------------------------------------------------------------------- ================================================================================ php-di-5.2.2-2.fc22 (FEDORA-2016-adb2640b55) The dependency injection container for humans -------------------------------------------------------------------------------- Update Information: ### 5.2.2 * Fix [#379](https://github.com/PHP-DI/PHP-DI/issues/379) Wrong match when using wildcards (by @HexSource and @mnapoli) ### 5.2.1 * Fix [#366](https://github.com/PHP-DI/PHP-DI/issues/366): Handle collisions between identical parent and child private properties ([#367](https://github.com/PHP-DI /PHP-DI/issues/367) by @mnapoli) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1298928 - php-di-5.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1298928 -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-promises-1.1.0-1.fc22 (FEDORA-2016-b137a03e79) Guzzle promises library -------------------------------------------------------------------------------- Update Information: ### 1.1.0 - 2016-03-07 * Update EachPromise to prevent recurring on a iterator when advancing, as this could trigger fatal generator errors. * Update Promise to allow recursive waiting without unwrapping exceptions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315685 - php-guzzlehttp-promises-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1315685 -------------------------------------------------------------------------------- ================================================================================ php-paragonie-random-compat-1.2.2-1.fc22 (FEDORA-2016-58d4852999) PHP 5.x polyfill for random_bytes() and random_int() from PHP 7 -------------------------------------------------------------------------------- Update Information: ### Version 1.2.2 - 2016-03-11 * To prevent applications from hanging, if `/dev/urandom` is not accessible to PHP, skip mcrypt (which just fails before giving OpenSSL a chance and was morally equivalent to not offering OpenSSL at all). ### Version 1.2.1 - 2016-02-29 * PHP 5.6.10 - 5.6.12 will hang when mcrypt is used on Unix-based operating systems ([PHP bug 69833](https://bugs.php.net/bug.php?id=69833)). If you are running one of these versions, please upgrade (or make sure `/dev/urandom` is readable) otherwise you're relying on OpenSSL. ### Version 1.2.0 - 2016-02-05 * Whitespace and other cosmetic changes * Added a changelog. ### Version 1.1.6 - 2016-01-29 * Eliminate `open_basedir` warnings by detecting this configuration setting. (Thanks [@oucil](https://github.com/oucil) for reporting this.) * Added install instructions to the README. * Documentation cleanup (there is, in fact, no `MCRYPT_CREATE_IV` constant, I meant to write `MCRYPT_DEV_URANDOM`) ### Version 1.1.5 - 2016-01-06 * Prevent fatal errors on platforms with older versions of libsodium. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1296738 - php-paragonie-random-compat-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1296738 [ 2 ] Bug #1317102 - php-paragonie-random-compat-1.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317102 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-4.8.24-1.fc22 (FEDORA-2016-ca82972c1e) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 4.8.24** - 2016-03-14 * Fixed #1959: Prophecy errors are not handled correctly * Fixed #2039: TestDox does not handle snake_case test methods properly * Fixed #2109: Process isolation leaks global variable -------------------------------------------------------------------------------- ================================================================================ python-babelfish-0.5.5-2.fc22 (FEDORA-2016-9943a37645) Python library to work with countries and languages -------------------------------------------------------------------------------- Update Information: New package python-babelfish -------------------------------------------------------------------------------- References: [ 1 ] Bug #1298238 - Review Request: python-babelfish - Python library to work with countries and languages https://bugzilla.redhat.com/show_bug.cgi?id=1298238 -------------------------------------------------------------------------------- ================================================================================ python-productmd-1.0-13.fc22 (FEDORA-2016-4e436e2043) Library providing parsers for metadata related to OS installation -------------------------------------------------------------------------------- Update Information: add patch for supporting subvariant -------------------------------------------------------------------------------- ================================================================================ rubygem-domain_name-0.5.20160309-1.fc22 (FEDORA-2016-484410bf2f) Domain Name manipulation library for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.5.20160309 is released. -------------------------------------------------------------------------------- ================================================================================ scummvm-1.8.0-1.fc22 (FEDORA-2016-e1c6c3cd0f) Interpreter for several adventure games -------------------------------------------------------------------------------- Update Information: Update to 1.8.0 release -------------------------------------------------------------------------------- ================================================================================ scummvm-tools-1.8.0-1.fc22 (FEDORA-2016-2186f3eb65) Tools for scummVM / S.C.U.M.M scripting language -------------------------------------------------------------------------------- Update Information: Update to 1.8.0 release -------------------------------------------------------------------------------- ================================================================================ sddm-0.13.0-6.fc22 (FEDORA-2016-6a2445f5c8) QML based X11 desktop manager -------------------------------------------------------------------------------- Update Information: Enable gnome-pam-keyring support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317066 - sddm: use pam_gnome_keyring https://bugzilla.redhat.com/show_bug.cgi?id=1317066 -------------------------------------------------------------------------------- ================================================================================ svxlink-15.11-1.fc22 (FEDORA-2016-5a5b30812d) Repeater controller and EchoLink (simplex or repeater) -------------------------------------------------------------------------------- Update Information: Sync to 15.11 release ---- svxlink-14.08.1-3.fc21 - fix installed tmpfsfile (#1266511) svxlink-14.08.1-3.fc22 - fix installed tmpfsfile (#1266511) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266511 - Service file installed instead of the tmpfs configuration https://bugzilla.redhat.com/show_bug.cgi?id=1266511 -------------------------------------------------------------------------------- ================================================================================ tilda-1.3.2-1.fc22 (FEDORA-2016-1ff66ff94d) A Gtk based drop down terminal for Linux and Unix -------------------------------------------------------------------------------- Update Information: - update to 1.3.2 - fixes bug #1317285 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317285 - update 1.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=1317285 -------------------------------------------------------------------------------- ================================================================================ torbrowser-launcher-0.2.4-1.fc22 (FEDORA-2016-0429f34acd) Tor Browser Bundle managing tool -------------------------------------------------------------------------------- Update Information: Fix signature verification bypass attack, reported by Jann Horn -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317324 - torbrowser-launcher-v0.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317324 -------------------------------------------------------------------------------- ================================================================================ upower-0.99.3-2.fc22 (FEDORA-2016-d4e6e32c1c) Power Management Service -------------------------------------------------------------------------------- Update Information: This update fixes a crash when an unpaired iPhone is plugged in. It should also fix access to a number of UPS devices. -------------------------------------------------------------------------------- ================================================================================ xpad-4.7.0-1.fc22 (FEDORA-2016-17bac3cde2) Sticky notepad for GTK -------------------------------------------------------------------------------- Update Information: Update to 4.7.0. Fixes bugs: #1317140 and #1299088 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317140 - xpad-4.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317140 [ 2 ] Bug #1299088 - XPad starts automatically at login (because it provides /etc/xdg/autostart/xpad.desktop file) https://bugzilla.redhat.com/show_bug.cgi?id=1299088 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
