The following Fedora 22 Security updates need testing: Age URL 349 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 298 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 231 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 185 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 173 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 143 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 125 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 125 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 107 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 92 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 66 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 31 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb7bdd7063 php-pecl-http-2.5.6-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0 python-tgcaptcha2-0.3.1-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf tomcat-7.0.68-3.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-161b73fc2c bind99-9.9.8-4.P4.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ddc8c5c950 seamonkey-2.40-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816 webkitgtk3-2.4.10-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ec1850fff webkitgtk-2.4.10-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-68b43a4e0d webkitgtk4-2.10.9-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bfaf6a133b qemu-2.3.1-13.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cee7647200 git-2.4.11-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e krb5-1.13.2-14.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-665c11ed92 libmaxminddb-1.1.5-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b91d895e5a moodle-2.8.11-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e4c327b7 vtun-3.0.3-15.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc3740c56e apache-commons-collections-3.2.2-3.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 224 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 143 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 139 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 125 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 125 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 49 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 31 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507 rpm-4.12.0.1-16.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4 bind-9.10.3-9.P4.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-11b32d067d gtk2-2.24.30-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76aa957f67 gnutls-3.3.22-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1 openssh-6.9p1-11.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dbc09943ac ca-certificates-2016.2.7-1.0.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4e719508d2 pcre-8.38-4.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816 webkitgtk3-2.4.10-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e krb5-1.13.2-14.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33be675c57 firefox-45.0.1-2.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe22f37fba hwdata-0.287-1.fc22 The following builds have been pushed to Fedora 22 updates-testing apache-commons-collections-3.2.2-3.fc22 fedpkg-1.22-3.fc22 golang-github-coreos-pkg-0-0.6.git2c77715.fc22 golang-github-grpc-grpc-go-0-0.6.gitb88c12e.fc22 golang-github-olekukonko-tablewriter-0-0.2.gitcca8bbc.fc22 golang-github-russross-blackfriday-1.2-14.fc22 golang-github-shurcooL-sanitized_anchor_name-0-0.9.git10ef21a.fc22 golang-googlecode-goprotobuf-0-0.21.git6aaa8d4.fc22 golang-googlecode-net-0-0.31.git6acef71.fc22 kscreenlocker-5.5.5-2.fc22 libreoffice-4.4.7.2-5.fc22 man-pages-3.81-5.fc22 perl-DBD-SQLite-1.46-4.fc22 perl-Qt-0.96.0-14.fc22 php-horde-ingo-3.2.9-1.fc22 php-horde-turba-4.2.13-1.fc22 php-horde-wicked-2.0.5-1.fc22 php-sabre-xml-1.4.0-1.fc22 phpMyAdmin-4.6.0-1.fc22 plasma-systemsettings-5.5.5-2.fc22 python-aiohttp-0.21.5-1.fc22 python-behave-1.2.5-11.fc22 rpkg-1.43-1.fc22 tweak-3.02-1.fc22 uid_wrapper-1.2.1-1.fc22 Details about builds: ================================================================================ apache-commons-collections-3.2.2-3.fc22 (FEDORA-2016-dc3740c56e) Provides new interfaces, implementations and utilities for Java Collections -------------------------------------------------------------------------------- Update Information: Update to upstream version 3.2.2 which fixes serialization vulnerability -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316430 - Version 3.2.1 has a CVSS 10.0 vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1316430 -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.22-3.fc22 (FEDORA-2016-afd32f1ad8) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: * new support for dist git namespacing * adds copr-build command -------------------------------------------------------------------------------- ================================================================================ golang-github-coreos-pkg-0-0.6.git2c77715.fc22 (FEDORA-2016-6a7ef7cf22) A collection of go utility packages -------------------------------------------------------------------------------- Update Information: Update ---- Bump to upstream 42a8c3b1a6f917bb8346ef738f32712a7ca0ede7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250457 - Tracker for golang-github-coreos-pkg https://bugzilla.redhat.com/show_bug.cgi?id=1250457 [ 2 ] Bug #1245958 - Review Request: golang-github-coreos-pkg - A collection of go utility packages https://bugzilla.redhat.com/show_bug.cgi?id=1245958 -------------------------------------------------------------------------------- ================================================================================ golang-github-grpc-grpc-go-0-0.6.gitb88c12e.fc22 (FEDORA-2016-24e7c79eaa) The Go language implementation of gRPC. HTTP/2 based RPC -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250461 - Tracker for golang-github-grpc-grpc-go https://bugzilla.redhat.com/show_bug.cgi?id=1250461 -------------------------------------------------------------------------------- ================================================================================ golang-github-olekukonko-tablewriter-0-0.2.gitcca8bbc.fc22 (FEDORA-2016-a1902abcf8) ASCII table in golang -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1320304 - Tracker for golang-github-olekukonko-tablewriter https://bugzilla.redhat.com/show_bug.cgi?id=1320304 -------------------------------------------------------------------------------- ================================================================================ golang-github-russross-blackfriday-1.2-14.fc22 (FEDORA-2016-e8f66ea6e4) Markdown processor implemented in Go -------------------------------------------------------------------------------- Update Information: Update ---- Update spec file to spec-2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday https://bugzilla.redhat.com/show_bug.cgi?id=1222338 -------------------------------------------------------------------------------- ================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.9.git10ef21a.fc22 (FEDORA-2016-bafa882af5) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name https://bugzilla.redhat.com/show_bug.cgi?id=1222336 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goprotobuf-0-0.21.git6aaa8d4.fc22 (FEDORA-2016-d7088441b5) Go support for Google protocol buffers -------------------------------------------------------------------------------- Update Information: Update ---- Bump to upstream 0f7a9caded1fb3c9cc5a9b4bcf2ff633cc8ae644 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246113 - Tracker for golang-googlecode-goprotobuf https://bugzilla.redhat.com/show_bug.cgi?id=1246113 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-net-0-0.31.git6acef71.fc22 (FEDORA-2016-7b02da028e) Supplementary Go networking libraries -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1230677 - Tracker for golang-googlecode-net https://bugzilla.redhat.com/show_bug.cgi?id=1230677 -------------------------------------------------------------------------------- ================================================================================ kscreenlocker-5.5.5-2.fc22 (FEDORA-2016-93f6f1ba20) Library and components for secure lock screen architecture -------------------------------------------------------------------------------- Update Information: Add Conflicts: plasma-workspace < 5.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1320499 - dnf upgrade from Fedora 21 to 22 fails due to conflicts between plasma-workspace and kscreenlocker https://bugzilla.redhat.com/show_bug.cgi?id=1320499 -------------------------------------------------------------------------------- ================================================================================ libreoffice-4.4.7.2-5.fc22 (FEDORA-2016-42b5d8ffe7) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1318333 can't open xlsx document -------------------------------------------------------------------------------- References: [ 1 ] Bug #1318333 - can't open xlsx document https://bugzilla.redhat.com/show_bug.cgi?id=1318333 -------------------------------------------------------------------------------- ================================================================================ man-pages-3.81-5.fc22 (FEDORA-2016-2bab047f46) Linux kernel and C library user-space interface documentation -------------------------------------------------------------------------------- Update Information: * backport changes in FTM requirements from version 4.05 * strftime.3: Note which 'tm' fields are used to calculate each output string -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162218 - strftime(3) manpage should specify struct tm elements used/ignored https://bugzilla.redhat.com/show_bug.cgi?id=1162218 [ 2 ] Bug #1083071 - manual pages document _BSD_SOURCE and _SVID_SOURCE feature macros despite that they are deprecated https://bugzilla.redhat.com/show_bug.cgi?id=1083071 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-SQLite-1.46-4.fc22 (FEDORA-2016-4deb64b3c1) SQLite DBI Driver -------------------------------------------------------------------------------- Update Information: This release adapts to disabled FTS3 tokenizer in sqlite-3.11.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309675 - perl-DBD-SQLite-1.50-1.fc24 FTBFS: t/43_fts3.t test fails https://bugzilla.redhat.com/show_bug.cgi?id=1309675 -------------------------------------------------------------------------------- ================================================================================ perl-Qt-0.96.0-14.fc22 (FEDORA-2016-27bf0fbc49) Perl bindings for Qt -------------------------------------------------------------------------------- Update Information: This release fixes code generation with "puic4 -x" command. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1118240 - puic4 is broken: fix provided https://bugzilla.redhat.com/show_bug.cgi?id=1118240 -------------------------------------------------------------------------------- ================================================================================ php-horde-ingo-3.2.9-1.fc22 (FEDORA-2016-a448d08f33) An email filter rules manager -------------------------------------------------------------------------------- Update Information: **ingo 3.2.9** * [mjr] Fix PHP deprecated warnings in unit test (PR #176, Mathieu Parent). * [mjr] Honor 'date', 'echo', and 'ls' path overrides (Bug #14284). * [jan] Update Greek translation (Limperis Antonis). * [jan] Fix Oracle compatibility (Bug #14262). -------------------------------------------------------------------------------- ================================================================================ php-horde-turba-4.2.13-1.fc22 (FEDORA-2016-18ac25d29a) A web based address book -------------------------------------------------------------------------------- Update Information: **turba 4.2.13** * [mjr] Honor alternative_name mapping (Bug #14280). * [mjr] Fix dealing with orphaned virtual address books. * [jan] Update Greek translation (Limperis Antonis). -------------------------------------------------------------------------------- ================================================================================ php-horde-wicked-2.0.5-1.fc22 (FEDORA-2016-78ead7ca0f) Wiki application -------------------------------------------------------------------------------- Update Information: **wicked 2.0.5** * [jan] Use access rules compatible with both Apache 2.2 and 2.4. -------------------------------------------------------------------------------- ================================================================================ php-sabre-xml-1.4.0-1.fc22 (FEDORA-2016-c8e6c54297) XML library that you may not hate -------------------------------------------------------------------------------- Update Information: he sabre/xml library is a specialized XML reader and writer. Autoloader: /usr/share/php/Sabre/Xml/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316912 - Review Request: php-sabre-xml - XML library that you may not hate https://bugzilla.redhat.com/show_bug.cgi?id=1316912 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.6.0-1.fc22 (FEDORA-2016-282e0086b4) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: >From upstream [Release Notes](https://www.phpmyadmin.net/files/4.6.0/): Welcome to phpMyAdmin 4.6.0, a regular maintenance release including over 60 new features and bug fixes. Please note that this release ends support for old versions of Microsoft Internet Explorer, which are no longer supported by Microsoft. There is a new configuration directive, $cfg['Servers'][$i]['ssl_verify'] which is useful in some cases with self-signed certificates. The ForceSSL and PmaAbsoluteUri configuration directives have been removed (the functions of both of these should better be handled by the webserver than the application). A complete list of new features and bugs that have been fixed is available in the ChangeLog file or changelog.php included with this release. A few highlights: * Allow setting routine-wise privileges * UI for defining partitioning in create table window * Support JSON data type * Editing partitions in table Structure * Copy results to clipboard * Reactivate cut&paste possibility in print view * Display binary strings as text if they are valid UTF-8 * Copy multiple tables to database * Show MySQL error messages in user language * Add new configuration directive 'ssl_verify' for self-signed certificates with mysqlnd and PHP >=5.6 * Remove ForceSSL and PmaAbsoluteUri configuration directives (these are better handled by proper webserver configuration) * Fixed several bugs relating to exporting, particularly with DEFAULT and COMMENT fields There are many more improvements; please refer to the ChangeLog for full details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1320352 - phpMyAdmin-4.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1320352 -------------------------------------------------------------------------------- ================================================================================ plasma-systemsettings-5.5.5-2.fc22 (FEDORA-2016-69f0123658) KDE System Settings application -------------------------------------------------------------------------------- Update Information: Add Conflicts: kde-workspace < 5.0 to give extra depsolver hints on upgrades -------------------------------------------------------------------------------- References: [ 1 ] Bug #1268493 - dnf system upgrade fails due to conflict between plasma-systemsettings.f22 kde-workspace.f21 https://bugzilla.redhat.com/show_bug.cgi?id=1268493 -------------------------------------------------------------------------------- ================================================================================ python-aiohttp-0.21.5-1.fc22 (FEDORA-2016-83393afd92) A Python HTTP client/server for asyncio -------------------------------------------------------------------------------- Update Information: Update to new upstream version 0.21.5 -------------------------------------------------------------------------------- ================================================================================ python-behave-1.2.5-11.fc22 (FEDORA-2016-9f2f951cca) Tools for the behavior-driven development, Python style -------------------------------------------------------------------------------- Update Information: /usr/bin/behave belongs to python2 package still (#1319632) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319632 - No executable with python-behave https://bugzilla.redhat.com/show_bug.cgi?id=1319632 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.43-1.fc22 (FEDORA-2016-afd32f1ad8) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: * new support for dist git namespacing * adds copr-build command -------------------------------------------------------------------------------- ================================================================================ tweak-3.02-1.fc22 (FEDORA-2016-354afa4ef5) An efficient hex editor -------------------------------------------------------------------------------- Update Information: New version 3.02 -------------------------------------------------------------------------------- ================================================================================ uid_wrapper-1.2.1-1.fc22 (FEDORA-2016-dfeafdcb7f) A wrapper for privilege separation -------------------------------------------------------------------------------- Update Information: Update to version 1.2.1 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
