The following Fedora 22 Security updates need testing: Age URL 347 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 296 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 229 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 183 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 171 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 141 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 123 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 123 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 105 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 90 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 64 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 40 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 29 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c71532c5e2 putty-0.67-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb7bdd7063 php-pecl-http-2.5.6-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0 python-tgcaptcha2-0.3.1-1.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc3740c56e apache-commons-collections-3.2.2-1.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf tomcat-7.0.68-3.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-161b73fc2c bind99-9.9.8-4.P4.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40a657cee1 dropbear-2016.72-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0429f34acd torbrowser-launcher-0.2.4-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ddc8c5c950 seamonkey-2.40-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816 webkitgtk3-2.4.10-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ec1850fff webkitgtk-2.4.10-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-68b43a4e0d webkitgtk4-2.10.9-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a57b19360 kernel-4.4.6-200.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bfaf6a133b qemu-2.3.1-13.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cee7647200 git-2.4.11-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e krb5-1.13.2-14.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-665c11ed92 libmaxminddb-1.1.5-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b91d895e5a moodle-2.8.11-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 222 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 141 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 137 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 123 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 123 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 47 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 29 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b37af739e7 spatialite-tools-4.2.0-20.fc22 sqlite-3.11.0-2.fc22 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507 rpm-4.12.0.1-16.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-11b32d067d gtk2-2.24.30-1.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76aa957f67 gnutls-3.3.22-1.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a57b19360 kernel-4.4.6-200.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dbc09943ac ca-certificates-2016.2.7-1.0.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4e719508d2 pcre-8.38-4.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816 webkitgtk3-2.4.10-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e krb5-1.13.2-14.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33be675c57 firefox-45.0.1-2.fc22 The following builds have been pushed to Fedora 22 updates-testing bitlbee-3.4.2-1.fc22 firefox-45.0.1-2.fc22 git-tools-0-0.2.20160313gitd6d55b3.fc22 gnome-documents-3.16.6-1.fc22 libisds-0.10.3-1.fc22 libmaxminddb-1.1.5-1.fc22 liferea-1.10.18-2.fc22 liveusb-creator-3.91.0-1.fc22 mingw-taglib-1.10-1.fc22 moodle-2.8.11-1.fc22 pcp-3.11.1-1.fc22 perl-Config-General-2.60-1.fc22 perl-DBIx-Connector-0.56-1.fc22 perl-File-Edit-Portable-1.24-1.fc22 perl-Module-CoreList-5.20160320-1.fc22 php-horde-Horde-Date-2.3.0-1.fc22 pkgdiff-1.7.2-1.fc22 python-qt5-5.5.1-2.fc22.2 python3-cherrypy-5.1.0-1.fc22 reposurgeon-3.37-1.fc22 shinken-2.4.3-1.fc22 yash-2.41-1.fc22 Details about builds: ================================================================================ bitlbee-3.4.2-1.fc22 (FEDORA-2016-b7d222b354) IRC to other chat networks gateway -------------------------------------------------------------------------------- Update Information: New upstream release (#1319428) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319428 - bitlbee-3.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1319428 -------------------------------------------------------------------------------- ================================================================================ firefox-45.0.1-2.fc22 (FEDORA-2016-33be675c57) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - Ship a Debian patch to disable extension signing for system directory ---- - new upstream (45.0.1) - fixed Fedora 24 themes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293874 - [DEBIAN] firefox: support for Fedora add-ons was removed https://bugzilla.redhat.com/show_bug.cgi?id=1293874 -------------------------------------------------------------------------------- ================================================================================ git-tools-0-0.2.20160313gitd6d55b3.fc22 (FEDORA-2016-6e7b9d3622) Assorted git-related scripts and tools -------------------------------------------------------------------------------- Update Information: First package of git-tools: assorted git-related scripts and tools -------------------------------------------------------------------------------- References: [ 1 ] Bug #1308779 - Review Request: git-tools - Assorted git-related scripts and tools https://bugzilla.redhat.com/show_bug.cgi?id=1308779 -------------------------------------------------------------------------------- ================================================================================ gnome-documents-3.16.6-1.fc22 (FEDORA-2016-40c024e90d) A document manager application for GNOME -------------------------------------------------------------------------------- Update Information: * Unbreak going back from preview when launched from search provider * Try not to open PDFs in GIMP -------------------------------------------------------------------------------- ================================================================================ libisds-0.10.3-1.fc22 (FEDORA-2016-de0e66848a) Library for accessing the Czech Data Boxes -------------------------------------------------------------------------------- Update Information: This release fixes a type mismatch when logging binary blobs. It also make the code more portable to non-POSIX platforms. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319363 - libisds-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1319363 -------------------------------------------------------------------------------- ================================================================================ libmaxminddb-1.1.5-1.fc22 (FEDORA-2016-665c11ed92) C library for the MaxMind DB file format -------------------------------------------------------------------------------- Update Information: rebase to new upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1283921 - libmaxminddb: Missing bounds checking and verification of data type causes segfault [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1283921 [ 2 ] Bug #1283920 - libmaxminddb: Missing bounds checking and verification of data type causes segfault [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1283920 -------------------------------------------------------------------------------- ================================================================================ liferea-1.10.18-2.fc22 (FEDORA-2016-35b616e667) An RSS/RDF feed reader -------------------------------------------------------------------------------- Update Information: This update packages the symbolic icon for liferea, backported from the 1.11.xx series. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1243881 - Add symbolic icon from unstable release https://bugzilla.redhat.com/show_bug.cgi?id=1243881 -------------------------------------------------------------------------------- ================================================================================ liveusb-creator-3.91.0-1.fc22 (FEDORA-2016-77e613d54d) Fedora Media Writer -------------------------------------------------------------------------------- Update Information: Updated to another upstream pre-release -------------------------------------------------------------------------------- ================================================================================ mingw-taglib-1.10-1.fc22 (FEDORA-2016-c116ac5b01) Audio Meta-Data Library -------------------------------------------------------------------------------- Update Information: Update to 1.10 -------------------------------------------------------------------------------- ================================================================================ moodle-2.8.11-1.fc22 (FEDORA-2016-b91d895e5a) A Course Management System -------------------------------------------------------------------------------- Update Information: Multiple CVEs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319680 - CVE-2016-2151 CVE-2016-2152 CVE-2016-2153 CVE-2016-2154 CVE-2016-2155 CVE-2016-2156 CVE-2016-2157 CVE-2016-2158 CVE-2016-2159 CVE-2016-2190 moodle: multiple security issues fixed in 3.0.3, 2.9.5, 2.8.11, 2.7.13 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1319680 -------------------------------------------------------------------------------- ================================================================================ pcp-3.11.1-1.fc22 (FEDORA-2016-4969de37e5) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Update to latest PCP sources. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304722 - None https://bugzilla.redhat.com/show_bug.cgi?id=1304722 [ 2 ] Bug #1286361 - None https://bugzilla.redhat.com/show_bug.cgi?id=1286361 [ 3 ] Bug #1262723 - None https://bugzilla.redhat.com/show_bug.cgi?id=1262723 [ 4 ] Bug #1210976 - None https://bugzilla.redhat.com/show_bug.cgi?id=1210976 [ 5 ] Bug #1065803 - None https://bugzilla.redhat.com/show_bug.cgi?id=1065803 -------------------------------------------------------------------------------- ================================================================================ perl-Config-General-2.60-1.fc22 (FEDORA-2016-a034f7d4c8) Generic configuration module for Perl -------------------------------------------------------------------------------- Update Information: Updated to release 2.60 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319683 - Please upgrade to upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1319683 -------------------------------------------------------------------------------- ================================================================================ perl-DBIx-Connector-0.56-1.fc22 (FEDORA-2016-ab786e8f95) Fast, safe DBI connection and transaction management -------------------------------------------------------------------------------- Update Information: 0.56 2016-03-16T17:07:05Z - Added Firebird support, thanks to Stefan Suciu. - Fixed SQLite savepoint support to properly detect SQlite versions 3.9 and higher. - Restored MySQL savepoint testing when the DBICTEST_* environment variables are set. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1318457 - perl-DBIx-Connector-0.56 is available https://bugzilla.redhat.com/show_bug.cgi?id=1318457 -------------------------------------------------------------------------------- ================================================================================ perl-File-Edit-Portable-1.24-1.fc22 (FEDORA-2016-263e541f54) Read and write files while keeping the original line-endings intact -------------------------------------------------------------------------------- Update Information: 1.24 2016-03-14 - fixed bug where recsep() was producing uninit warnings if the file we're looking for an rs in was empty (ie. "-z $fh" is true) (closes #35) - added new test file t/18-bug.t - cleaned up a few Critic issues 1.23 2016-03-10 - no code changes - critic.t now only runs with AUTHOR_TESTING env var set - corrected a couple of other tests that were failing on CPAN testers 1.22 2016-03-07 - last two releases have focused primarily on reliability and far more enhanced unit testing, with a couple new features - recsep() and platform_recsep() can now be imported into the local namespace (non-OO) (closes #23) - cleaned up return structure for recsep types (closes #29) - renamed _open() to _binmode_handle() - cleanup and tidy of all test files - cleanup of numerous unnecessary prereqs in Makefile.PL - write() now uses the correct recsep for a file if multiple read()s are concurrently open (fixes #30) - catch warning and die if write() is called with the 'contents' param set to a previously closed file handle (closes #31) - read() now simply overwrites it's data for a file if it has been read more than once prior to a write() (closes #32) - added t/000-critic.t (closes #33) - fixed minor issues to satisfy critic tests 1.21 2016-03-07 - write() now dies if not called with the 'file' param and more than one file is currently open with read() (fixes #21) - write functions for regex and hex (closes #25) - added _convert_recsep(), which consolidates repetitive code (#25) - added 'type' param to recsep() and platform_recsep(), returns the type of line ending (win, nix, mac, etc) (#25) - added _recsep_regex(), returns the regex instead of having it peppered throughout the code (#25) - added _platform_replace(), replaces file's line endings to platform recsep (de-duplicates code) - added _strip_ends(), removes all line endings from file (also to de-dup code) - remove all requirements/uses of File::Spec::Function (closes #27) - implemented recsep caching (#22), but after benchmarks, it performed worse than no cache, so backed it all out - added/updated numerous tests for recsep() and platform_recsep() due to new 'type' param (closes #26) - update/add other new tests, and small POD fixes/updates -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315521 - perl-File-Edit-Portable-1.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1315521 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20160320-1.fc22 (FEDORA-2016-cee16b3951) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This releases fixes record for Digest::SHA version in 5.18.4. It also provides data for Perl 5.23.9. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319536 - perl-Module-CoreList-5.20160320 is available https://bugzilla.redhat.com/show_bug.cgi?id=1319536 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Date-2.3.0-1.fc22 (FEDORA-2016-e180829700) Horde Date package -------------------------------------------------------------------------------- Update Information: **Horde_Date 2.3.0** * [jan] Add Horde_Date::getTimezoneAlias(). * [jan] Update Greek translation (Limperis Antonis). -------------------------------------------------------------------------------- ================================================================================ pkgdiff-1.7.2-1.fc22 (FEDORA-2016-a9633ba152) A tool for analyzing changes in Linux software packages -------------------------------------------------------------------------------- Update Information: New Features * Ability to download plain-text added/removed patches from the report Bug Fixes * Do not show time stamp in the report * Fixed removal of tmp directory in the rfcdiff-1.41-CUSTOM.sh -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319365 - pkgdiff-1.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1319365 -------------------------------------------------------------------------------- ================================================================================ python-qt5-5.5.1-2.fc22.2 (FEDORA-2016-6aa4c7d748) Python bindings for Qt5 -------------------------------------------------------------------------------- Update Information: Add python-qt5-webkit/python3-qt-webkit Provides: to be compatible with future updates with real -webkit sub-packages. -------------------------------------------------------------------------------- ================================================================================ python3-cherrypy-5.1.0-1.fc22 (FEDORA-2016-3d6bbbb918) Pythonic, object-oriented web development framework -------------------------------------------------------------------------------- Update Information: Updated to version 5.1.0, added a patch from an upstream issue that fixes a build test error. -------------------------------------------------------------------------------- ================================================================================ reposurgeon-3.37-1.fc22 (FEDORA-2016-ce81636eec) SCM Repository Manipulation Tool -------------------------------------------------------------------------------- Update Information: 3.37: 2016-03-14 - Prevent two potential crash bug introduced by Python 3 porting. 3.36: 2016-03-13 - The repocutter and repomapper utilities are now 8-bit clean under Python 3. - Reorder 'done' stream terminator after tag and commit creates. - Fix for GitLab issue #52, crash on a weird unite case. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1317319 - reposurgeon-3.37 is available https://bugzilla.redhat.com/show_bug.cgi?id=1317319 -------------------------------------------------------------------------------- ================================================================================ shinken-2.4.3-1.fc22 (FEDORA-2016-5c64b55edc) Python Monitoring tool -------------------------------------------------------------------------------- Update Information: Update from upstream. -------------------------------------------------------------------------------- ================================================================================ yash-2.41-1.fc22 (FEDORA-2016-b72c4476f0) Yet Another SHell -------------------------------------------------------------------------------- Update Information: New version 2.41 is released. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
