The following Fedora 22 Security updates need testing: Age URL 389 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 338 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 271 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 225 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 214 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 183 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 147 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105 ImageMagick-6.9.2.7-1.fc22 132 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 106 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 82 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 71 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 63 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925 graphite2-1.3.6-1.fc22 59 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29 libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d squid-3.5.10-2.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79 kernel-4.4.8-200.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4 perl-5.20.3-330.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755 thunderbird-45.0-2.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1aaf308de4 community-mysql-5.6.30-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a5ce6a6c0 cacti-0.8.8g-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c rpm-4.12.0.1-17.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd7a31d36 pgpdump-0.30-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e205218629 php-5.6.21-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9851b69dbb openvas-cli-1.4.4-1.fc22 openvas-gsa-6.0.10-3.fc22 openvas-libraries-8.0.7-2.fc22 openvas-manager-6.0.8-2.fc22 openvas-scanner-5.0.5-3.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe0d8f126a botan-1.10.13-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-777d838c1b ntp-4.2.6p5-40.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 265 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 183 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 89 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 71 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab selinux-policy-3.13.1-128.28.fc22 60 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 47 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412 imlib2-1.4.8-1.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4 libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b pygtk2-2.24.0-14.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1122e53c5a expat-2.1.1-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e3334638 gnome-shell-3.16.4-2.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4 perl-5.20.3-330.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-83b47a28ce wavpack-4.80.0-1.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79 kernel-4.4.8-200.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8 lldpad-1.0.1-4.git036e314.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-476f32d4ec evolution-ews-3.16.5-2.fc22 libsoup-2.50.0-2.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755 thunderbird-45.0-2.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c rpm-4.12.0.1-17.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc848e483a xulrunner-44.0-6.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad6926a3c8 firefox-46.0-5.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e99389f35d openssh-6.9p1-12.fc22 The following builds have been pushed to Fedora 22 updates-testing argus-3.0.8-6.fc22 dhcp-4.3.2-8.fc22 gmic-1.7.1-1.fc22 kshutdown-3.99.1-0.1.beta.fc22 mutt-1.6.1-1.fc22 ntp-4.2.6p5-40.fc22 openssh-6.9p1-12.fc22 owncloud-8.2.3-6.fc22 perl-Module-CoreList-5.20160429-1.fc22 perl-PerlIO-eol-0.16-1.fc22 perl-Thread-Queue-3.09-1.fc22 php-myclabs-deep-copy-1.5.1-1.fc22 php-owncloud-tarstreamer-0.1.0-1.fc22 php-swiftmailer-5.4.2-1.fc22 php-symfony-2.7.12-2.fc22 python-justbytes-0.7-1.fc22 Details about builds: ================================================================================ argus-3.0.8-6.fc22 (FEDORA-2016-41153ed93e) Network transaction audit tool -------------------------------------------------------------------------------- Update Information: Logrotate fix. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332098 - /etc/logrotate.d/argus from argus-3.0.8-4.fc23.x86_64 causes global default log compression for all logs handled by logrotate and not just the argus log https://bugzilla.redhat.com/show_bug.cgi?id=1332098 -------------------------------------------------------------------------------- ================================================================================ dhcp-4.3.2-8.fc22 (FEDORA-2016-3e64b32a91) Dynamic host configuration protocol software -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-2774 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315259 - CVE-2016-2774 dhcp: unclosed TCP connections to OMAPI or failover ports can cause DoS https://bugzilla.redhat.com/show_bug.cgi?id=1315259 -------------------------------------------------------------------------------- ================================================================================ gmic-1.7.1-1.fc22 (FEDORA-2016-078df266cf) GREYC's Magic for Image Computing -------------------------------------------------------------------------------- Update Information: bump version ---- bump version ---- bump version ---- bump version -------------------------------------------------------------------------------- ================================================================================ kshutdown-3.99.1-0.1.beta.fc22 (FEDORA-2016-2b306dadc1) Graphical shutdown utility for Plasma 5 -------------------------------------------------------------------------------- Update Information: KShutdown 3.99.1 beta release. For more information visit http://kshutdown.sourceforge.net/releases/3.99.1beta.html. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331948 - kshutdown-3.99.1beta is available https://bugzilla.redhat.com/show_bug.cgi?id=1331948 -------------------------------------------------------------------------------- ================================================================================ mutt-1.6.1-1.fc22 (FEDORA-2016-261a6b80b2) A text mode mail user agent -------------------------------------------------------------------------------- Update Information: Bugfix release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332105 - mutt-1.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1332105 -------------------------------------------------------------------------------- ================================================================================ ntp-4.2.6p5-40.fc22 (FEDORA-2016-777d838c1b) The NTP daemon and utilities -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-1548, CVE-2016-2516, CVE-2016-2518, CVE-2016-1550 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331462 - CVE-2016-1548 ntp: ntpd switching to interleaved mode with spoofed packets https://bugzilla.redhat.com/show_bug.cgi?id=1331462 [ 2 ] Bug #1331466 - CVE-2016-2516 ntp: assertion failure in ntpd on duplicate IPs on unconfig directives https://bugzilla.redhat.com/show_bug.cgi?id=1331466 [ 3 ] Bug #1331468 - CVE-2016-2518 ntp: out-of-bounds references on crafted packet https://bugzilla.redhat.com/show_bug.cgi?id=1331468 [ 4 ] Bug #1331464 - CVE-2016-1550 ntp: libntp message digest disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1331464 -------------------------------------------------------------------------------- ================================================================================ openssh-6.9p1-12.fc22 (FEDORA-2016-e99389f35d) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: Fix DH GEX against non-default group sizes (openssh-7.2) (#1332082) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332082 - server host key signature fails after update to 7.2p2 https://bugzilla.redhat.com/show_bug.cgi?id=1332082 -------------------------------------------------------------------------------- ================================================================================ owncloud-8.2.3-6.fc22 (FEDORA-2016-377b1a015c) Private file sync and share server -------------------------------------------------------------------------------- Update Information: Owncloud now follows the PHP SIG direction of using a fedora autoloader to directly call the autoloaders of the PHP libraries used. In addition a %check has been added to ensure the autoloader works correctly and new dependency versions bumped to match more closely with upstream. -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20160429-1.fc22 (FEDORA-2016-28b86e4922) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release brings data for perl 5.22.2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331902 - perl-Module-CoreList-5.20160429 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331902 -------------------------------------------------------------------------------- ================================================================================ perl-PerlIO-eol-0.16-1.fc22 (FEDORA-2016-34683649de) PerlIO layer for normalizing line endings -------------------------------------------------------------------------------- Update Information: This release corrects build-time warnings. ---- This release improves documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331951 - perl-PerlIO-eol-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331951 [ 2 ] Bug #1330787 - perl-PerlIO-eol-0.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1330787 -------------------------------------------------------------------------------- ================================================================================ perl-Thread-Queue-3.09-1.fc22 (FEDORA-2016-986f5d9b83) Thread-safe queues -------------------------------------------------------------------------------- Update Information: This release updates documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331991 - perl-Thread-Queue-3.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331991 -------------------------------------------------------------------------------- ================================================================================ php-myclabs-deep-copy-1.5.1-1.fc22 (FEDORA-2016-4ee30b1a5d) Create deep copies (clones) of your objects -------------------------------------------------------------------------------- Update Information: **Version 1.5.1** * fix for exception -------------------------------------------------------------------------------- ================================================================================ php-owncloud-tarstreamer-0.1.0-1.fc22 (FEDORA-2016-4f1b200e56) Streaming dynamic tar files -------------------------------------------------------------------------------- Update Information: **Version 0.1.0** * Use UTF-8 filenames for any browser except Internet Explorer -------------------------------------------------------------------------------- ================================================================================ php-swiftmailer-5.4.2-1.fc22 (FEDORA-2016-eb8932fefc) Free Feature-rich PHP Mailer -------------------------------------------------------------------------------- Update Information: **Version 5.4.2** (2016-05-01) * fixed support for IPv6 sockets * added auto- retry when sending messages from the memory spool * fixed consecutive read calls in Swift_ByteStream_FileByteStream * added support for iso-8859-15 encoding * fixed PHP mail extra params on missing reversePath * added methods to set custom stream context options * fixed charset changes in QpContentEncoderProxy * added return-path header to the ignoredHeaders list of DKIMSigner * fixed crlf for subject using mail * fixed add soft line break only when necessary * fixed escaping command-line args to Sendmail -------------------------------------------------------------------------------- ================================================================================ php-symfony-2.7.12-2.fc22 (FEDORA-2016-bef87ba099) PHP framework for web projects -------------------------------------------------------------------------------- Update Information: **Version 2.7.12** (2016-04-29) * bug #18180 [Form] fixed BC break with pre selection of choices with `ChoiceType` and its children (HeahDude) * bug #18562 [WebProfilerBunde] Give an absolute url in case the request occured from another domain (romainneutron) * bug #18603 [PropertyAccess] ->getValue() should be read-only (nicolas-grekas) * bug #18593 [VarDumper] Fix dumping type hints for non-existing parent classes (nicolas-grekas) * bug #18581 [Console] [TableHelper] make it work with SymfonyStyle. (aitboudad) * bug #18280 [Routing] add query param if value is different from default (Tobion) * bug #18496 [Console] use ANSI escape sequences in ProgressBar overwrite method (alekitto) * bug #18491 [DependencyInjection] anonymous services are always private (xabbuh) * bug #18515 [Filesystem] Better error handling in remove() (nicolas-grekas) * bug #18449 [PropertyAccess] Fix regression (nicolas-grekas) * bug #18429 [Console] Correct time formatting. (camporter) * bug #18467 [DependencyInjection] Resolve aliases before removing abstract services + add tests (nicolas-grekas) * bug #18460 [DomCrawler] Fix select option with empty value (Matt Wells) * bug #18425 [Security] Fixed SwitchUserListener when exiting an impersonation with AnonymousToken (lyrixx) * bug #18317 [Form] fix "prototype" not required when parent form is not required (HeahDude) * bug #18439 [Logging] Add support for Firefox (43+) in ChromePhpHandler (arjenm) * bug #18385 Detect CLI color support for Windows 10 build 10586 (mlocati) * bug #18426 [EventDispatcher] Try first if the event is Stopped (lyrixx) * bug #18394 [FrameworkBundle] Return the invokable service if its name is the class name (dunglas) * bug #18265 Optimize ReplaceAliasByActualDefinitionPass (ajb- in) * bug #18349 [Process] Fix stream_select priority when writing to stdin (nicolas-grekas) * bug #18358 [Form] NumberToLocalizedStringTransformer should return floats when possible (nicolas-grekas) * bug #17926 [DependencyInjection] Enable alias for service_container (hason) * bug #18352 [Debug] Fix case sensitivity checks (nicolas-grekas) * bug #18336 [Debug] Fix handling of php7 throwables (nicolas-grekas) * bug #18354 [FrameworkBundle][TwigBridge] fix high deps tests (xabbuh) * bug #18312 [ClassLoader] Fix storing not-found classes in APC cache (nicolas-grekas) * bug #18298 [Validator] do not treat payload as callback (xabbuh) -------------------------------------------------------------------------------- ================================================================================ python-justbytes-0.7-1.fc22 (FEDORA-2016-09ecd64414) A library for handling computation with address ranges in bytes -------------------------------------------------------------------------------- Update Information: New upstream version. Significant API changes. But this should be no problem as no clients yet in Fedora. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
