The following Fedora 22 Security updates need testing: Age URL 369 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 318 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 251 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 205 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 194 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 163 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 145 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 145 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 127 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 112 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 86 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 75 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 51 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 43 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 39 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 33 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0 python-tgcaptcha2-0.3.1-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-250042b8a6 xstream-1.4.9-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7eb5caa94d parallel-20160222-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d squid-3.5.10-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-880b91c090 xerces-c-3.1.3-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-db13edba7c libreswan-3.17-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-96bfd9e873 libtasn1-4.8-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-657a4a658e glpi-0.90.3-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6cf17ad0df springframework-amqp-1.3.9-4.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-48b3761baa samba-4.2.11-0.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 245 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 163 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 145 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 145 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 75 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 69 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 51 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 43 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507 rpm-4.12.0.1-16.fc22 40 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 31 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33be675c57 firefox-45.0.1-2.fc22 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe22f37fba hwdata-0.287-1.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5078f60f9 ntfs-3g-2016.2.22-1.fc22 testdisk-7.0-7.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dedd49a5b7 lorax-22.14-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-50cc0dbbde wavpack-4.75.2-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6d6f111230 elfutils-0.166-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1576899f4e gnome-settings-daemon-3.16.5-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-922ad45d24 gcc-python-plugin-0.14-4.3.fc22 gcc-5.3.1-6.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9097b02af0 vim-7.4.1718-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-48b3761baa samba-4.2.11-0.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2cdfd91ad1 webkitgtk3-2.4.11-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a18dc43d88 control-center-3.16.4-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-96bfd9e873 libtasn1-4.8-1.fc22 The following builds have been pushed to Fedora 22 updates-testing R-RInside-0.2.13-3.fc22 R-Rcpp-0.12.4-1.fc22 atomic-reactor-1.6.5-1.fc22 control-center-3.16.4-1.fc22 cppcheck-1.73-1.fc22 deluge-1.3.12-3.fc22 fedfind-2.4.4-1.fc22 gcompris-15.10-6.fc22 glpi-0.90.3-1.fc22 golang-github-prometheus-procfs-0-0.14.git406e5b7.fc22 golang-github-shurcooL-sanitized_anchor_name-0-0.10.git10ef21a.fc22 haproxy-1.5.16-3.fc22 iprutils-2.4.11.1-1.fc22 keepalived-1.2.20-1.fc22 libndn-cxx-0.4.1-1.fc22 libtasn1-4.8-1.fc22 liveusb-creator-3.92.1-1.fc22 mate-themes-3.16.1-1.fc22 menulibre-2.1.3-1.fc22 nacl-gcc-4.4.3-18.20150504gitf80d6b9.fc22 nacl-newlib-2.1.0-9.20150528git8c4da47.fc22 osbs-client-0.20-1.fc22 peervpn-0.044-1.fc22 php-bartlett-php-compatinfo-db-1.7.0-1.fc22 php-composer-installers-1.0.24-1.fc22 php-doctrine-dbal-2.5.4-1.fc22 poppler-0.30.0-4.fc22 privoxy-3.0.24-1.fc22 pythia8-8.2.15-1.fc22 qbittorrent-3.3.4-1.fc22 qsstv-9.1.3-1.fc22 qutebrowser-0.6.1-1.fc22 rebase-helper-0.7.3-1.fc22 root-5.34.36-1.fc22 samba-4.2.11-0.fc22 springframework-amqp-1.3.9-4.fc22 texworks-0.6.0-1.fc22 webkitgtk-2.4.11-1.fc22 webkitgtk3-2.4.11-1.fc22 xpad-4.8.0-1.fc22 Details about builds: ================================================================================ R-RInside-0.2.13-3.fc22 (FEDORA-2016-8187a5d85c) C++ Classes to Embed R in C++ Applications -------------------------------------------------------------------------------- Update Information: R-Rcpp updated to new upstream release. R-RInside rebuilt using the new R-Rcpp version. -------------------------------------------------------------------------------- ================================================================================ R-Rcpp-0.12.4-1.fc22 (FEDORA-2016-8187a5d85c) Seamless R and C++ Integration -------------------------------------------------------------------------------- Update Information: R-Rcpp updated to new upstream release. R-RInside rebuilt using the new R-Rcpp version. -------------------------------------------------------------------------------- ================================================================================ atomic-reactor-1.6.5-1.fc22 (FEDORA-2016-5201884cca) Improved builder for Docker images -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304907 - atomic-reactor-1.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1304907 -------------------------------------------------------------------------------- ================================================================================ control-center-3.16.4-1.fc22 (FEDORA-2016-a18dc43d88) Utilities to configure the GNOME desktop -------------------------------------------------------------------------------- Update Information: # Updated translations # Fix a few memory leaks # Notifications: * Don't crash because of zero-length string # Printers: * Fix crash when certain characters were used, adding a printer manually # Region: * Show the current locale instead of en_US as the language if not already set. This happened for newly created users. # Sharing: * Ensure Tracker rygel plugin is disabled -------------------------------------------------------------------------------- ================================================================================ cppcheck-1.73-1.fc22 (FEDORA-2016-d5453ab215) Tool for static C/C++ code analysis -------------------------------------------------------------------------------- Update Information: Update to 1.73, see full list of changes at https://sourceforge.net/p/cppcheck/news/. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282119 - cppcheck-1.73 is available https://bugzilla.redhat.com/show_bug.cgi?id=1282119 -------------------------------------------------------------------------------- ================================================================================ deluge-1.3.12-3.fc22 (FEDORA-2016-b6ac96d107) A GTK+ BitTorrent client with support for DHT, UPnP, and PEX -------------------------------------------------------------------------------- Update Information: Small bugfix release for misc. GTK UI bugs. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1219582 - [abrt] deluge-gtk: torrentview.py:457:update_view:TypeError: value is of the wrong type for this column https://bugzilla.redhat.com/show_bug.cgi?id=1219582 [ 2 ] Bug #1223058 - [abrt] deluge-gtk: addtorrentdialog.py:258:add_from_magnets:UnboundLocalError: local variable 'info_hash' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=1223058 -------------------------------------------------------------------------------- ================================================================================ fedfind-2.4.4-1.fc22 (FEDORA-2016-21b3c07212) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides a new release of fedfind, which improves the `pdc_query` function and adds a `get_weight` function to the helpers module, both needed for the new [fedora_nightlies](https://pagure.io/fedora_nightlies) project. -------------------------------------------------------------------------------- ================================================================================ gcompris-15.10-6.fc22 (FEDORA-2016-f00608f88a) Educational suite for kids 2-10 years old -------------------------------------------------------------------------------- Update Information: - Put administration panel launcher in a -administration sub-pkg, make it an addon to gcompris in appdata - Add Requires: gstreamer-plugins-base - Fix crash in falling letters due to double free -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322031 - [abrt] gcompris: is_letter_equal(): gcompris killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1322031 [ 2 ] Bug #1303340 - GCompris 15.x must be run as root for audio https://bugzilla.redhat.com/show_bug.cgi?id=1303340 -------------------------------------------------------------------------------- ================================================================================ glpi-0.90.3-1.fc22 (FEDORA-2016-657a4a658e) Free IT asset management software -------------------------------------------------------------------------------- Update Information: **Version 0.90.3** * security update to prevent a minor vulnerability * fix issues with post-only ticket form See [changelog](https://github.com/glpi- project/glpi/issues?q=milestone:0.90.3) for more details. ---- **Version 0.90.2** Include bugfixes and some minor features : * An alert in central page when some of your mysql tables are marked as crashed * A better flexibility in splitted layout for small screens * More fields in Search- engine (Document comments, ticket id for Changes) * Redirect to previous page after a profile switching (when it is possible) * An icon for default document type * A better compatibility when collecting emails from office365 See [changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.2) This package also fix the logrotate configuration. -------------------------------------------------------------------------------- ================================================================================ golang-github-prometheus-procfs-0-0.14.git406e5b7.fc22 (FEDORA-2016-1f81413b99) Functions to retrieve system, kernel and process metrics from the /proc fs -------------------------------------------------------------------------------- Update Information: Polish the spec file ---- Update for etcd-2.2.1 ---- Update spec file to spec-2.0 Bump to upstream c91d8eefde16bd047416409eb56353ea84a186e4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326057 - buggy spec for s390x/gcc-go https://bugzilla.redhat.com/show_bug.cgi?id=1326057 [ 2 ] Bug #1214778 - Tracker for golang-github-prometheus-procfs https://bugzilla.redhat.com/show_bug.cgi?id=1214778 -------------------------------------------------------------------------------- ================================================================================ golang-github-shurcooL-sanitized_anchor_name-0-0.10.git10ef21a.fc22 (FEDORA-2016-a4f146ff25) Package sanitized_anchor_name provides a func to create sanitized anchor names -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name https://bugzilla.redhat.com/show_bug.cgi?id=1222336 [ 2 ] Bug #1326056 - buggy spec for s390x/gcc-go https://bugzilla.redhat.com/show_bug.cgi?id=1326056 -------------------------------------------------------------------------------- ================================================================================ haproxy-1.5.16-3.fc22 (FEDORA-2016-adbc267b63) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information: Update to 1.5.16 -------------------------------------------------------------------------------- ================================================================================ iprutils-2.4.11.1-1.fc22 (FEDORA-2016-29485a361f) Utilities for the IBM Power Linux RAID adapters -------------------------------------------------------------------------------- Update Information: Update to 2.4.11.1 -------------------------------------------------------------------------------- ================================================================================ keepalived-1.2.20-1.fc22 (FEDORA-2016-76a87ed287) High Availability monitor built upon LVS, VRRP and service pollers -------------------------------------------------------------------------------- Update Information: Update to 1.2.20 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323526 - keepalived-1.2.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1323526 -------------------------------------------------------------------------------- ================================================================================ libndn-cxx-0.4.1-1.fc22 (FEDORA-2016-09a3136788) C++ library implementing Named Data Networking primitives -------------------------------------------------------------------------------- Update Information: New release -------------------------------------------------------------------------------- ================================================================================ libtasn1-4.8-1.fc22 (FEDORA-2016-96bfd9e873) The ASN.1 library used in GNUTLS -------------------------------------------------------------------------------- Update Information: Update to 4.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325965 - libtasn1: infinite loop while parsing DER certificates https://bugzilla.redhat.com/show_bug.cgi?id=1325965 -------------------------------------------------------------------------------- ================================================================================ liveusb-creator-3.92.1-1.fc22 (FEDORA-2016-77e613d54d) Fedora Media Writer -------------------------------------------------------------------------------- Update Information: Updated to another upstream pre-release -------------------------------------------------------------------------------- ================================================================================ mate-themes-3.16.1-1.fc22 (FEDORA-2016-1ad0e25d36) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: update latest upstream version -------------------------------------------------------------------------------- ================================================================================ menulibre-2.1.3-1.fc22 (FEDORA-2016-5f9abcd55d) FreeDesktop.org compliant menu editor -------------------------------------------------------------------------------- Update Information: Update to upstream release 2.1.3. -------------------------------------------------------------------------------- ================================================================================ nacl-gcc-4.4.3-18.20150504gitf80d6b9.fc22 (FEDORA-2016-26a2a4f89f) C and C++ compilers for nacl -------------------------------------------------------------------------------- Update Information: New packages: nacl-gcc and nacl-newlib - toolchain components used to build nacl support in Chromium -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270358 - Review Request: nacl-newlib - C library intended for use on embedded systems https://bugzilla.redhat.com/show_bug.cgi?id=1270358 [ 2 ] Bug #1270357 - Review Request: nacl-gcc - Various compilers (C, C++) for nacl https://bugzilla.redhat.com/show_bug.cgi?id=1270357 -------------------------------------------------------------------------------- ================================================================================ nacl-newlib-2.1.0-9.20150528git8c4da47.fc22 (FEDORA-2016-26a2a4f89f) C library intended for use on embedded systems -------------------------------------------------------------------------------- Update Information: New packages: nacl-gcc and nacl-newlib - toolchain components used to build nacl support in Chromium -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270358 - Review Request: nacl-newlib - C library intended for use on embedded systems https://bugzilla.redhat.com/show_bug.cgi?id=1270358 [ 2 ] Bug #1270357 - Review Request: nacl-gcc - Various compilers (C, C++) for nacl https://bugzilla.redhat.com/show_bug.cgi?id=1270357 -------------------------------------------------------------------------------- ================================================================================ osbs-client-0.20-1.fc22 (FEDORA-2016-c2e54b061f) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information: New upstream release. ---- New upstream release. ---- New upstream release. -------------------------------------------------------------------------------- ================================================================================ peervpn-0.044-1.fc22 (FEDORA-2016-f53d9ef10f) A VPN software using full mesh network topology -------------------------------------------------------------------------------- Update Information: Update to 0.044 -------------------------------------------------------------------------------- ================================================================================ php-bartlett-php-compatinfo-db-1.7.0-1.fc22 (FEDORA-2016-f3b0586d71) Reference Database to be used with php-compatinfo library -------------------------------------------------------------------------------- Update Information: **Version 1.7.0** - 2016-04-11 * Added * Support to PHP 7.0.5 * Support to PHP 5.6.20 * Support to PHP 5.5.34 * Changed * Imagick reference updated to version 3.4.1 (stable) * Lzf reference updated to version 1.6.5 (stable) * Mongo reference updated to version 1.6.13 (stable) -------------------------------------------------------------------------------- ================================================================================ php-composer-installers-1.0.24-1.fc22 (FEDORA-2016-c415d6c762) A multi-framework Composer library installer -------------------------------------------------------------------------------- Update Information: ### v1.0.24 * Added ImageCMS installer. * Update Bitrix installer: configuration for setting custom path to directory with kernel. * Remove TYPO3 Extension installers [#281](https://github.com/composer/installers/pull/281). * Added new types in the Kirby installer: kirby-plugin and kirby-field. * Added Mautic installer. * Added new types in the Drupal installer: custom-theme and custom-module. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325590 - php-composer-installers-1.0.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325590 -------------------------------------------------------------------------------- ================================================================================ php-doctrine-dbal-2.5.4-1.fc22 (FEDORA-2016-eb6298ca8a) Doctrine Database Abstraction Layer (DBAL) -------------------------------------------------------------------------------- Update Information: ### v2.5.4 * 2249: Compatibility mis-match? PGSQL_ATTR_DISABLE_PREPARES in v2.5.2 (in a PHP 5.6.16 envt) * 2272: [DBAL-1779] Fix string column type declarations with whitespace on SQLite * 2273: Fix usage of PDO::PGSQL_ATTR_DISABLE_PREPARES for edge case pdo_pgsql setups ### v2.5.3 * 818: Rebuild SQLServerPlatform::doModifyLimitQuery again to use a CTE * 2268: #2260 - loosening doctrine/common requirement: allowing 2.6.x ### v2.5.2 #### Bug * [DBAL-1115] - [GH-773] Fix quoted identifiers for database creation SQL on SQL Anywhere * [DBAL-1121] - [GH-777] Make host and server connection parameters optional for sqlanywhere driver * [DBAL-1128] - [GH-782] Fix: SQLite offset with no limit support * [DBAL-1132] - [GH-786] Fix removing autoincrement column from a primary key * [DBAL-1137] - Infinite recursion on non-unique table/join alias in QueryBuilder * [DBAL-1154] - [GH-806] Fix broken functional test for SQL server * [DBAL-1169] - [GH-815] Fix for inconsistent use of getSQLDeclaration * [DBAL-1181] - [GH-822] Fix for bad profiling data, showing an indefinitely long query * [DBAL-1183] - [GH-823] fix client_encoding setting to support pgbouncer * [DBAL-1186] - [GH-826] fix incorrect ordering of columns in clustered indexes on sql server * [DBAL-1189] - [GH-828] rehashed charset implementation to support old versions of postgresql * [DBAL-1192] - [GH-831] allow hhvm/mysqli failure so poor travis can feel better * [DBAL-1215] - [GH-844] template1 as default database for PostgreSQL * [DBAL-1217] - [GH-846] Fix retrieving the database name connected to for SQL Server * [DBAL-1218] - [GH-847] [DBAL-1217] Fix retrieving the database name connected to for SQL Anywhere * [DBAL-1220] - [GH-849] Fix dropping database with active connection on PostgreSQL * [DBAL-1233] - TEXT type in MSSQL should be NVARCHAR(MAX) not VARCHAR(MAX) * [DBAL-1240] - [GH-864] Fix undefined notices within MasterSlaveConnection * [DBAL-1260] - [GH-878] Fix call on non-object in ping() with PDO wrapper * [DBAL-1296] - [GH-903] Override methods for sharding connection #### Documentation * [DBAL-1174] - [GH-817] Fixed a minor typo #### Improvement * [DBAL-1159] - [GH-809] travis: PHP 7.0 nightly added * [DBAL-1270] - [GH-886] Add test for MariaDB 5.5, 10.0 and 10.1 on Travis #### Task * [DBAL-1299] - [GH-906] [2.5] Fix allowed failures for HHVM + MariaDB builds on Travis -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153987 - php-doctrine-dbal-2.5.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1153987 -------------------------------------------------------------------------------- ================================================================================ poppler-0.30.0-4.fc22 (FEDORA-2016-a028331ebc) PDF rendering library -------------------------------------------------------------------------------- Update Information: A heap buffer overflow vulnerability was removed from the poppler library. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326226 - poppler: heap buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1326226 -------------------------------------------------------------------------------- ================================================================================ privoxy-3.0.24-1.fc22 (FEDORA-2016-355565dd9a) Privacy enhancing proxy -------------------------------------------------------------------------------- Update Information: 3.0.24 https://www.privoxy.org/announce.txt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325595 - privoxy-3.0.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325595 -------------------------------------------------------------------------------- ================================================================================ pythia8-8.2.15-1.fc22 (FEDORA-2016-db3d6e9e1b) Pythia Event Generator for High Energy Physics -------------------------------------------------------------------------------- Update Information: Update to root 5.34.36. Also a new pythia8 version -------------------------------------------------------------------------------- ================================================================================ qbittorrent-3.3.4-1.fc22 (FEDORA-2016-e9beba0935) A Bittorrent Client -------------------------------------------------------------------------------- Update Information: New minor release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322187 - qbittorrent-3.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1322187 -------------------------------------------------------------------------------- ================================================================================ qsstv-9.1.3-1.fc22 (FEDORA-2016-96755a1f3b) Qt-based slow-scan TV and fax -------------------------------------------------------------------------------- Update Information: 20160410 QSSTV 9.1.3 * fixing compiler error: missing function cleanupcache in release mode 20160409 QSSTV 9.1.2 * implementation of image cache for faster image display in the gallery bug fix ,race condition for RxNotification 20160408 QSSTV 9.1.1 * replaced jpeg2000 library Jasper with openjpeg because some distros won't support Jasper anymore. Jasper has not been maintained for more than 10 years. 20151130 QSSTV 9.0.9 * directories are auto-created if they don't exist * additional CAT command now also works with rigctld 20150930 QSSTV 9.0.8 * fix DRM status update 20150929 QSSTV 9.0.7 * fixed hang on exit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325618 - qsstv-9.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325618 -------------------------------------------------------------------------------- ================================================================================ qutebrowser-0.6.1-1.fc22 (FEDORA-2016-598f24ac09) A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit -------------------------------------------------------------------------------- Update Information: Upgrade straight from 0.5.x to 0.6.1. The skipped over 0.6.0 had a bug straight on the quickstart page, which was reported and promptly solved. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323867 - qutebrowser-v0.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1323867 -------------------------------------------------------------------------------- ================================================================================ rebase-helper-0.7.3-1.fc22 (FEDORA-2016-0428d8751d) The tool which helps you with rebase package -------------------------------------------------------------------------------- Update Information: New upstream release 0.7.3. It contains fixes. (#1325599) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325599 - rebase-helper-0.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325599 -------------------------------------------------------------------------------- ================================================================================ root-5.34.36-1.fc22 (FEDORA-2016-db3d6e9e1b) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: Update to root 5.34.36. Also a new pythia8 version -------------------------------------------------------------------------------- ================================================================================ samba-4.2.11-0.fc22 (FEDORA-2016-48b3761baa) Server and Client software to interoperate with Windows machines -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309987 - CVE-2015-5370 samba: crash in dcesrv_auth_bind_ack due to missing error check https://bugzilla.redhat.com/show_bug.cgi?id=1309987 [ 2 ] Bug #1311893 - CVE-2016-2110 samba: Man-in-the-middle attacks possible with NTLMSSP authentication https://bugzilla.redhat.com/show_bug.cgi?id=1311893 [ 3 ] Bug #1311902 - CVE-2016-2111 samba: Spoofing vulnerability when domain controller is configured https://bugzilla.redhat.com/show_bug.cgi?id=1311902 [ 4 ] Bug #1311903 - CVE-2016-2112 samba: Missing downgrade detection https://bugzilla.redhat.com/show_bug.cgi?id=1311903 [ 5 ] Bug #1311910 - CVE-2016-2113 samba: Server certificates not validated at client side https://bugzilla.redhat.com/show_bug.cgi?id=1311910 [ 6 ] Bug #1312082 - CVE-2016-2114 samba: Samba based active directory domain controller does not enforce smb signing https://bugzilla.redhat.com/show_bug.cgi?id=1312082 [ 7 ] Bug #1312084 - CVE-2016-2115 samba: Smb signing not required by default when smb client connection is used for ipc usage https://bugzilla.redhat.com/show_bug.cgi?id=1312084 [ 8 ] Bug #1317990 - CVE-2016-2118 samba: SAMR and LSA man in the middle attacks https://bugzilla.redhat.com/show_bug.cgi?id=1317990 -------------------------------------------------------------------------------- ================================================================================ springframework-amqp-1.3.9-4.fc22 (FEDORA-2016-6cf17ad0df) Support for Spring programming model with AMQP -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-2173 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326205 - CVE-2016-2173 springframework-amqp: remote code execution https://bugzilla.redhat.com/show_bug.cgi?id=1326205 -------------------------------------------------------------------------------- ================================================================================ texworks-0.6.0-1.fc22 (FEDORA-2016-3da4736e1c) A simple IDE for authoring TeX documents -------------------------------------------------------------------------------- Update Information: * Complete redesign of the PDF previewer using QtPDF by Charlie Sharpsteen * Fast and responsive preview even at very high magnifications * New page modes: continuous scrolling and two-column layout * Text selection/copying from the PDF * Go back to previous view after clicking on a link using Alt+left arrow * Fix disappearing spellcheck underline with some fonts/font sizes in Qt 5 * Update the width of the line number display when changing the editor font * Show a note in the "About Scripts" dialog for disabled script languages -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325668 - texworks-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325668 -------------------------------------------------------------------------------- ================================================================================ webkitgtk-2.4.11-1.fc22 (FEDORA-2016-775b60e5ee) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update resolves following issues: * Fix a crash when changing elment attributes with DOM bindings - rhbz#1321722 * Fix the build on ARM64 Translation updates: * Chinese * Japanese ---- This update fixes a regression causing various crashes in various WebKitGTK+ consumers. -------------------------------------------------------------------------------- ================================================================================ webkitgtk3-2.4.11-1.fc22 (FEDORA-2016-2cdfd91ad1) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update resolves following issues: * Fix a crash when changing elment attributes with DOM bindings - rhbz#1321722 * Fix the build on ARM64 Translation updates: * Chinese * Japanese ---- This update fixes a regression causing various crashes in Evolution and other WebKitGTK+ consumers. ---- This update addresses the following vulnerabilities: * [CVE-2015-1120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120) * [CVE-2015-1076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076) * [CVE-2015-1071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) * [CVE-2015-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) * [CVE-2015-1122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) * [CVE-2015-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) * [CVE-2014-1748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) * [CVE-2015-3752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) * [CVE-2015-5809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) * [CVE-2015-5928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) * [CVE-2015-3749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) * [CVE-2015-3659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) * [CVE-2015-3748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) * [CVE-2015-3743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) * [CVE-2015-3731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) * [CVE-2015-3745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) * [CVE-2015-5822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) * [CVE-2015-3658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) * [CVE-2015-3741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) * [CVE-2015-3727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) * [CVE-2015-5801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) * [CVE-2015-5788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) * [CVE-2015-3747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) * [CVE-2015-5794](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) * [CVE-2015-1127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) * [CVE-2015-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) * [CVE-2015-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083) Additional fixes: * Fix rendering of form controls and scrollbars with GTK+ >= 3.19 * Fix crashes on PowerPC 64. * Fix the build on PowerPC 32. * Add ARM64 build support. Translation updates * German * Spanish * French * Italian * Korean * Brazilian Portuguese * Russian * Chinese. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1321722 - [abrt] evolution: WTF::StringImpl::startsWith(): SIGSEGV with webkitgtk3-2.4.10 https://bugzilla.redhat.com/show_bug.cgi?id=1321722 -------------------------------------------------------------------------------- ================================================================================ xpad-4.8.0-1.fc22 (FEDORA-2016-a347976931) Sticky notepad for GTK -------------------------------------------------------------------------------- Update Information: New upstream release with various bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325659 - xpad-4.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1325659 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
