The following Fedora 22 Security updates need testing: Age URL 412 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 361 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 294 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 248 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 237 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 206 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 188 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 188 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 155 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 129 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 105 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 94 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 82 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a5867050 squid-3.5.10-4.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-19c34099d3 libarchive-3.1.2-14.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f7e7a6067d jenkins-1.609.3-7.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3262abda6 dosfstools-3.0.27-2.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5bd283c48b bugzilla-4.4.12-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8fd9019541 xen-4.5.3-5.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a302f49f6d thunderbird-45.1.0-2.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33ad3f97d4 openslp-2.0.0-6.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2363b37a98 kernel-4.4.11-200.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5107c318e webkitgtk4-2.12.3-1.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 287 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 206 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 188 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 188 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 112 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64 mobile-broadband-provider-info-1.20151214-1.fc22 83 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22 70 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c upower-0.99.3-2.fc22 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 39 https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4 libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22 38 https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b pygtk2-2.24.0-14.fc22 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8 lldpad-1.0.1-4.git036e314.fc22 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-828f77de70 samba-4.2.12-0.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-19c34099d3 libarchive-3.1.2-14.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3262abda6 dosfstools-3.0.27-2.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a302f49f6d thunderbird-45.1.0-2.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8ec2270aae libbluray-0.9.3-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-494ae26ab2 hwdata-0.289-1.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-33ad3f97d4 openslp-2.0.0-6.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2363b37a98 kernel-4.4.11-200.fc22 The following builds have been pushed to Fedora 22 updates-testing ansible-2.1.0.0-1.fc22 booth-1.0-2.570876d.git.fc22 cdbs-0.4.137-1.fc22 dynafed-1.2.1-2.fc22 fedfind-2.4.7-1.fc22 kernel-4.4.11-200.fc22 libdkimpp-1.0.9-1.fc22 open-vm-tools-10.0.5-2.fc22 perl-DBIx-RunSQL-0.14-1.fc22 perl-Lingua-Translit-0.26-1.fc22 python-boto-2.40.0-1.fc22 scribus-1.4.6-1.fc22 shotwell-0.23.1-1.fc22 smtpping-1.1.3-1.fc22 waf-1.8.21-1.fc22 webkitgtk4-2.12.3-1.fc22 Details about builds: ================================================================================ ansible-2.1.0.0-1.fc22 (FEDORA-2016-9b87ab9c77) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to 2.1 upstream with bugfixes and enhancements. See https://github.com/ansible/ansible/blob/stable-2.1/CHANGELOG.md for more details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336266 - Ansible 2.0.2.0 regression (known bug, fixed upstream) https://bugzilla.redhat.com/show_bug.cgi?id=1336266 [ 2 ] Bug #1332233 - remote_tmp filling up since upgrading to ansible 2 https://bugzilla.redhat.com/show_bug.cgi?id=1332233 [ 3 ] Bug #1337474 - dnf: state=present|absent returns skipping instead of changed https://bugzilla.redhat.com/show_bug.cgi?id=1337474 [ 4 ] Bug #1334097 - ansible fails when running Task [setup] https://bugzilla.redhat.com/show_bug.cgi?id=1334097 -------------------------------------------------------------------------------- ================================================================================ booth-1.0-2.570876d.git.fc22 (FEDORA-2016-c8f8b4c4b4) Ticket Manager for Multi-site Clusters -------------------------------------------------------------------------------- Update Information: - update per the changesets recently accepted by the upstream (memory/resource leaks fixes, patches previously attached separately that make unit test pass, internal cleanups, etc.) -------------------------------------------------------------------------------- ================================================================================ cdbs-0.4.137-1.fc22 (FEDORA-2016-17aa1bb3f6) Common build system for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.4.137, see http://metadata.ftp- master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.137_changelog for details. ---- Update to version 0.4.131, see http://ftp- master.metadata.debian.org/changelogs//main/c/cdbs/cdbs_0.4.131_changelog for details. -------------------------------------------------------------------------------- ================================================================================ dynafed-1.2.1-2.fc22 (FEDORA-2016-57272816cf) Ultra-scalable dynamic system for federating HTTP-based storage resources -------------------------------------------------------------------------------- Update Information: - first Fedora version of the package -------------------------------------------------------------------------------- ================================================================================ fedfind-2.4.7-1.fc22 (FEDORA-2016-62449be3b4) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides the latest release of [fedfind](https://www.happyassassin.net/fedfind). It fixes handling of two week Atomic compose IDs in `fedfind.release.get_release`. -------------------------------------------------------------------------------- ================================================================================ kernel-4.4.11-200.fc22 (FEDORA-2016-2363b37a98) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.4.11 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332139 - CVE-2016-3713 kernel: kvm: out-of-bounds access in set_var_mtrr_msr https://bugzilla.redhat.com/show_bug.cgi?id=1332139 [ 2 ] Bug #1337528 - CVE-2016-4913 kernel: Information leak when handling NM entries containing NUL https://bugzilla.redhat.com/show_bug.cgi?id=1337528 [ 3 ] Bug #1338625 - CVE-2016-4951 kernel: Null pointer dereference in tipc_nl_publ_dump https://bugzilla.redhat.com/show_bug.cgi?id=1338625 -------------------------------------------------------------------------------- ================================================================================ libdkimpp-1.0.9-1.fc22 (FEDORA-2016-6a65beb28c) Lightweight and portable DKIM (RFC4871) library -------------------------------------------------------------------------------- Update Information: - Release 1.0.9 - Update README.md - Removed logically dead code - Add fall through comment - Unused code -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338775 - libdkimpp-1.0.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338775 -------------------------------------------------------------------------------- ================================================================================ open-vm-tools-10.0.5-2.fc22 (FEDORA-2016-36485d53b0) Open Virtual Machine Tools for virtual machines hosted on VMware -------------------------------------------------------------------------------- Update Information: New version from upstream, obsoletes open-vm-tools-deploypkg and patches for gcc 6. ---- open-vm-tools-10.0.0-4.fc22 - Add -std=c++11 to CXXFLAGS for fixing the build issue, https://kojipkgs.fedoraproject.org//work/tasks/3685/11273685/build.log open- vm-tools-10.0.0-4.fc23 - Add -std=c++11 to CXXFLAGS for fixing the build issue, https://kojipkgs.fedoraproject.org//work/tasks/3685/11273685/build.log open- vm-tools-10.0.0-4.fc21 - Add -std=c++11 to CXXFLAGS for fixing the build issue, https://kojipkgs.fedoraproject.org//work/tasks/3685/11273685/build.log ---- - Add license macro. - Remove initscripts requirement (#1226369). - Delete mount.vmhgfs instead of excluding from packaging, so the debug information is not included in the package (#1190540). - Be more explicit with configuration files, newer mock complains of files being listed twice. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1305108 - open-vm-tools FTBFS with GCC 6 https://bugzilla.redhat.com/show_bug.cgi?id=1305108 [ 2 ] Bug #1258105 - open-vm-tools is too old for Fedora 23 on VMware Workstation 12 https://bugzilla.redhat.com/show_bug.cgi?id=1258105 [ 3 ] Bug #1177972 - [RFE] modify log string "The vmusr service needs to run inside a virtual machine" https://bugzilla.redhat.com/show_bug.cgi?id=1177972 [ 4 ] Bug #1190540 - open-vm-tools-debuginfo cannot be installed because it conflicts with itself. https://bugzilla.redhat.com/show_bug.cgi?id=1190540 [ 5 ] Bug #1226369 - Unneeded dependency on initscripts https://bugzilla.redhat.com/show_bug.cgi?id=1226369 -------------------------------------------------------------------------------- ================================================================================ perl-DBIx-RunSQL-0.14-1.fc22 (FEDORA-2016-fe98d32eae) Run SQL commands from a file -------------------------------------------------------------------------------- Update Information: 0.14 20160524 --- - ->handle_command_line now also accepts an SQL string instead of only accepting SQL files - Silence some warnings if a statement does not return columns (like a CREATE statement). RT #114647 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339835 - perl-DBIx-RunSQL: 0.14 release available https://bugzilla.redhat.com/show_bug.cgi?id=1339835 -------------------------------------------------------------------------------- ================================================================================ perl-Lingua-Translit-0.26-1.fc22 (FEDORA-2016-feee33a419) Transliterates text between writing systems -------------------------------------------------------------------------------- Update Information: * Spelling corrections in man page - thanks to Lucas Kanashiro for providing a patch! * Maintainership passed from Lingua-Systems to Netzum Sorglos. * developer-manual__eng.pdf: removed - the documentation is now available online (see link in Lingua::Translit's man page). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339024 - perl-Lingua-Translit-0.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1339024 -------------------------------------------------------------------------------- ================================================================================ python-boto-2.40.0-1.fc22 (FEDORA-2016-00e3a6806e) A simple, lightweight interface to Amazon Web Services -------------------------------------------------------------------------------- Update Information: http://docs.pythonboto.org/en/latest/releasenotes/v2.40.0.html -------------------------------------------------------------------------------- ================================================================================ scribus-1.4.6-1.fc22 (FEDORA-2016-c883a0f6c3) DeskTop Publishing application written in Qt -------------------------------------------------------------------------------- Update Information: https://www.scribus.net/scribus-1-4-6-released/ -------------------------------------------------------------------------------- ================================================================================ shotwell-0.23.1-1.fc22 (FEDORA-2016-d9d42403e1) A photo organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information: Shotwell 0.23.1 - 23 May 2016 ----------------------------- * Update Facebook application id. Facebook integration works again (#748991) * Remove obsolete VAPIs * Remove custom WEXITSTATUS implementation * Fix an assert in file monitor caused by renaming a file (#759403) * Rename "Yorba website" to "Shotwell website" in About dialog so it actually says what it does. * Change the way how shotwell checks whether it runs uninstalled to allow running with symlinks (#747374) * Copyright was transferred from Yorba to SFC * Do not block closing the viewer if there was an issue loading the photo (#740436) * Remove remaining references to .gnome2 directory (#766339) * Update icons to hires versions and add a symbolic one (#717326) * If we can't find any pixbuf representation of the Photo, push an empty pixmap to force the display of the error message (#766338) * Fix a critical when get_metadata returns null * Remove deprecated calls to gtk_widget_render_icon() (#719188) * Panic out if we cannot open the file in the viewer * Make toolbar use GtkOverlay instead of implementing a custom pop-up to prevent all kinds of issues with overlaying other applications or toolboxes (#756126) * Remove criticals caused by mouse hiding algorithm -------------------------------------------------------------------------------- References: [ 1 ] Bug #1224562 - Error publishing on Facebook https://bugzilla.redhat.com/show_bug.cgi?id=1224562 -------------------------------------------------------------------------------- ================================================================================ smtpping-1.1.3-1.fc22 (FEDORA-2016-723a274243) Small tool for measuring SMTP parameters -------------------------------------------------------------------------------- Update Information: - clean up implementation - use af_unspec - Added support for -4 and -6 flags - restore signal handler (fix double ctrl+c) - Send message with Content-Type - Update README.md - socket() return -1 on failure - Merge pull request #1 from karasz/master - fixed typo -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338790 - smtpping-1.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338790 -------------------------------------------------------------------------------- ================================================================================ waf-1.8.21-1.fc22 (FEDORA-2016-1eafb7d340) A Python-based build system -------------------------------------------------------------------------------- Update Information: NEW IN WAF 1.8.21 ----------------- * Fix for extra lines in windows logs #1715 * Add commit() method to ConfigSet # 1717 * Enable manifest node objects in java #1722 * Identify java tasks more accurately and add build order on non-jar tasks #1725 * Add PlatformToolset ver. to msvs proj template #1729 * Enable Colorgcc for other compilers #1732 -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.12.3-1.fc22 (FEDORA-2016-f5107c318e) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update addresses the following vulnerabilities: - CVE-2016-1857, CVE-2016-1856 Additional fixes: - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged, not only when released. - Fix leaked thread in network process. - Fix several crashes and rendering issues. - Translation updates: Hungarian. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
