The following Fedora 22 Security updates need testing: Age URL 385 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 334 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 267 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 221 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 209 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 179 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 161 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 161 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 143 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 128 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 102 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 90 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 78 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 67 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 59 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 50 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d squid-3.5.10-2.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-75063477ca xen-4.5.3-2.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab154c56dd ansible-2.0.2.0-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79 kernel-4.4.8-200.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a9c8f9dcff roundcubemail-1.1.5-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4 perl-5.20.3-330.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755 thunderbird-45.0-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1aaf308de4 community-mysql-5.6.30-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a5ce6a6c0 cacti-0.8.8g-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c rpm-4.12.0.1-17.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd7a31d36 pgpdump-0.30-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad1ff2dbb firefox-46.0-4.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e205218629 php-5.6.21-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 260 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 179 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 161 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 161 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 90 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0 xulrunner-44.0-1.fc22 85 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 67 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 56 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 43 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1576899f4e gnome-settings-daemon-3.16.5-1.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a18dc43d88 control-center-3.16.4-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4 libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b pygtk2-2.24.0-14.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-695843b69a hwdata-0.288-1.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1122e53c5a expat-2.1.1-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e3334638 gnome-shell-3.16.4-2.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4 perl-5.20.3-330.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-83b47a28ce wavpack-4.80.0-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79 kernel-4.4.8-200.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8 lldpad-1.0.1-4.git036e314.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-476f32d4ec evolution-ews-3.16.5-2.fc22 libsoup-2.50.0-2.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755 thunderbird-45.0-2.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c rpm-4.12.0.1-17.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cad1ff2dbb firefox-46.0-4.fc22 The following builds have been pushed to Fedora 22 updates-testing RBTools-0.7.6-1.fc22 ansible1.9-1.9.6-2.fc22 firefox-46.0-4.fc22 gd-2.1.1-3.fc22 gimagereader-3.1.90-1.fc22 ibus-typing-booster-1.4.3-1.fc22 ipsec-tools-0.8.2-5.fc22 pencil-2.0.18-1.fc22 pgpdump-0.30-1.fc22 php-5.6.21-1.fc22 php-league-flysystem-1.0.22-1.fc22 quassel-0.12.4-1.fc22 shotwell-0.23.0-1.fc22 tripwire-2.4.3.1-10.fc22 webkitgtk4-2.12.2-1.fc22 Details about builds: ================================================================================ RBTools-0.7.6-1.fc22 (FEDORA-2016-eb1c59d9a6) Tools for use with ReviewBoard -------------------------------------------------------------------------------- Update Information: https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.6/ ---- RBTools-0.7.5-2.fc21 - New upstream release 0.7.5 - https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.5/ RBTools-0.7.5-2.fc22 - New upstream release 0.7.5 - https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.5/ RBTools-0.7.5-2.el6 - New upstream release 0.7.5 - https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.5/ RBTools-0.7.5-2.el7 - New upstream release 0.7.5 - https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.5/ RBTools-0.7.5-2.fc23 - New upstream release 0.7.5 - https://www.reviewboard.org/docs/releasenotes/rbtools/0.7.5/ -------------------------------------------------------------------------------- ================================================================================ ansible1.9-1.9.6-2.fc22 (FEDORA-2016-48b827a9d9) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Fix Conflicts so uses can 'dnf install --allowerasing' or 'yum swap ansible ansible1.9' easily to switch between versions without having to uninstall. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1330979 - Ansible 2.0 is not backwards compatible with 1.9 https://bugzilla.redhat.com/show_bug.cgi?id=1330979 -------------------------------------------------------------------------------- ================================================================================ firefox-46.0-4.fc22 (FEDORA-2016-cad1ff2dbb) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - New upstream version (46.0) - Fixed aarch64/ppc64le build failures - Fixed missing addons/langpacks -------------------------------------------------------------------------------- ================================================================================ gd-2.1.1-3.fc22 (FEDORA-2016-7d6cbcadca) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-3074 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1321893 - CVE-2016-3074 php: Signedness vulnerability causing heap overflow in libgd https://bugzilla.redhat.com/show_bug.cgi?id=1321893 -------------------------------------------------------------------------------- ================================================================================ gimagereader-3.1.90-1.fc22 (FEDORA-2016-569bc82d7c) A front-end to tesseract-ocr -------------------------------------------------------------------------------- Update Information: Update to version 3.1.90, see https://github.com/manisandro/gImageReader/releases/tag/v3.1.90 for details. -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.4.3-1.fc22 (FEDORA-2016-883d129169) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: update to 1.4.3 ---- update to 1.4.2 ---- update to 1.4.1; Add property menu to choose the current preedit input method -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331338 - [abrt] ibus-typing-booster: hunspell_table.py:1278:_process_key_event:AttributeError: 'editor' object has no attribute 'trans' https://bugzilla.redhat.com/show_bug.cgi?id=1331338 [ 2 ] Bug #1330461 - [abrt] ibus-typing-booster: hunspell_table.py:444:update_candidates:AttributeError: 'editor' object has no attribute '_transliterated_string' https://bugzilla.redhat.com/show_bug.cgi?id=1330461 -------------------------------------------------------------------------------- ================================================================================ ipsec-tools-0.8.2-5.fc22 (FEDORA-2016-77364fcd0c) Tools for configuring and using IPSEC -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1251691 ifup-ipsec causes invalid ICMP redirects -------------------------------------------------------------------------------- References: [ 1 ] Bug #1251691 - ifup-ipsec causes invalid ICMP redirects https://bugzilla.redhat.com/show_bug.cgi?id=1251691 -------------------------------------------------------------------------------- ================================================================================ pencil-2.0.18-1.fc22 (FEDORA-2016-6836707b00) A sketching and GUI prototyping tool -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1327652 - Pencil continues under a new upstream maintainer https://bugzilla.redhat.com/show_bug.cgi?id=1327652 -------------------------------------------------------------------------------- ================================================================================ pgpdump-0.30-1.fc22 (FEDORA-2016-6fd7a31d36) PGP packet visualizer -------------------------------------------------------------------------------- Update Information: CVE-2016-4021 pgpdump: endless loop parsing specially crafted input -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328351 - CVE-2016-4021 pgpdump: endless loop parsing specially crafted input https://bugzilla.redhat.com/show_bug.cgi?id=1328351 -------------------------------------------------------------------------------- ================================================================================ php-5.6.21-1.fc22 (FEDORA-2016-e205218629) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: 28 Apr 2016, **PHP 5.6.21** ** Core: ** * Fixed bug #69537 (__debugInfo with empty string for key gives error). (krakjoe) * Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence) **BCmath:** * Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). (Stas) **Curl:** * Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string). (Michael Sierks) **Date:** * Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt) **EXIF:** * Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas) **GD:** * Fixed bug #71952 (Corruption inside imageaffinematrixget). (Stas) * Fixed bug #71912 (libgd: signedness vulnerability). (Stas) **Intl:** * Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset). (Stas) **OCI8:** * Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column). (Chris Jones) **ODBC:** * Fixed bug #63171 (Script hangs after max_execution_time). (Remi) **Opcache:** * Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER). (Laruence) **PDO:** * Fixed bug #52098 (Own PDOStatement implementation ignore __call()). (Daniel Kalaspuffar, Julien) * Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo) **Postgres:** * Fixed bug #71820 (pg_fetch_object binds parameters before call constructor). (Anatol) **SPL:** * Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()). (Nikita) **Standard:** * Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence) * Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined). (Nikita) **XML:** * Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas) -------------------------------------------------------------------------------- ================================================================================ php-league-flysystem-1.0.22-1.fc22 (FEDORA-2016-2f9de9155d) Filesystem abstraction: Many filesystems, one API -------------------------------------------------------------------------------- Update Information: **Version 1.0.22** - 2016-04-28 * Fix root directory creation problem #632 ---- **Version 1.0.21** - 2016-04-22 * Explicitly return false when a has call receives an empty filename. * MounManager copy and move operators now comply to the Filesystem's signature. -------------------------------------------------------------------------------- ================================================================================ quassel-0.12.4-1.fc22 (FEDORA-2016-0431acaa78) A modern distributed IRC system -------------------------------------------------------------------------------- Update Information: Update to latest upstream quassel release, 0.12.4 -------------------------------------------------------------------------------- ================================================================================ shotwell-0.23.0-1.fc22 (FEDORA-2016-f068f65016) A photo organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information: Update Shotwell to the latest released version. -------------------------------------------------------------------------------- ================================================================================ tripwire-2.4.3.1-10.fc22 (FEDORA-2016-4b4738c591) IDS (Intrusion Detection System) -------------------------------------------------------------------------------- Update Information: update to 2.4.3.1 ---- update to 2.4.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1308196 - tripwire: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1308196 -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.12.2-1.fc22 (FEDORA-2016-493262f777) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update brings the following changes: - Fix rendering of scrollbars with GTK themes using stepper buttons. - Fix compatibility issue with 2.12.1 regarding local storage access from file URLs. - Make menu list buttons use the text color from the theme. - Do not show resize grip in non-resizable text fields. - Fix accessibility events causing Orca to echo key presses instead of speaking the inserted characters in password fields. - Fix an off by one error in hyphenation. - Fix several crashes and rendering issues. - Fix the build with libjpeg v9. - Translation updates: Bulgarian, Finnish, Greek, Italian, Turkish. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
