The following Fedora 22 Security updates need testing: Age URL 431 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 381 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 313 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 268 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 256 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 225 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 208 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 208 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 175 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 148 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 125 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 113 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 101 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 33 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a5867050 squid-3.5.10-4.fc22 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5107c318e webkitgtk4-2.12.3-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-363d307082 gd-2.1.1-4.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40ccaff4d1 GraphicsMagick-1.3.24-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe9112a9ff sudo-1.8.15-2.fc22 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c3bd6a3496 ntp-4.2.6p5-41.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-45402a6f3b iperf3-3.1.3-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3daf782dfa kernel-4.4.13-200.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b49c9aa49 nfdump-1.6.15-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03c0ed3127 php-zendframework-zendxml-1.0.2-2.fc22 php-ZendFramework2-2.4.10-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a41f762894 python-2.7.10-9.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7facc5f3d1 python3-3.4.2-7.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c228cbf13 xen-4.5.3-8.fc22 The following Fedora 22 Critical Path updates have yet to be approved: Age URL 307 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 225 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 208 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 208 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 58 https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4 libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22 57 https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b pygtk2-2.24.0-14.fc22 53 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8 lldpad-1.0.1-4.git036e314.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-363d307082 gd-2.1.1-4.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe9112a9ff sudo-1.8.15-2.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2cdb5d5a7c vim-7.4.1868-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-409af1ecfd lua-5.3.3-1.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4a2bc1983 mdadm-3.3.4-3.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3daf782dfa kernel-4.4.13-200.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a41f762894 python-2.7.10-9.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab75c587f3 perl-5.20.3-331.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-babda1429a thunderbird-45.1.1-2.fc22 The following builds have been pushed to Fedora 22 updates-testing cdbs-0.4.139-1.fc22 clamav-0.99.2-1.fc22 diffoscope-54-1.fc22 elog-3.1.1-5.fc22 mate-themes-3.16.2-2.fc22 multilib-rpm-config-1-4.fc22 pbuilder-0.225-1.fc22 perl-Regexp-Common-2016060801-1.fc22 perl-Starlet-0.30-1.fc22 python-2.7.10-9.fc22 python-regex-2016.06.05-1.fc22 python3-3.4.2-7.fc22 pyusb-1.0.0-1.fc22 qutebrowser-0.7.0-1.fc22 xen-4.5.3-8.fc22 Details about builds: ================================================================================ cdbs-0.4.139-1.fc22 (FEDORA-2016-9476f358dc) Common build system for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.4.139, see http://metadata.ftp- master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.139_changelog for details. -------------------------------------------------------------------------------- ================================================================================ clamav-0.99.2-1.fc22 (FEDORA-2016-2f89f67c12) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: Update to 0.99.2, see http://blog.clamav.net/2016/05/clamav-0992-has-been- released.html - Drop cliopts patch fixed upstream, use upstream's "-- foreground" option name - Fix main.cvd (fedora #1325482, epel #1325717) - Own bytecode.cld (#1176252) and mirrors.dat, ship bytecode.cvd - Update daily.cvd - Fixup Requires(pre) usage (#1319151) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333949 - clamav-0.99.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1333949 [ 2 ] Bug #1325482 - The main.cvd database in clamav-data-0.99.1-1 is corrupt https://bugzilla.redhat.com/show_bug.cgi?id=1325482 -------------------------------------------------------------------------------- ================================================================================ diffoscope-54-1.fc22 (FEDORA-2016-20f29b9166) In-depth comparison of files, archives, and directories -------------------------------------------------------------------------------- Update Information: Update to latest version. -------------------------------------------------------------------------------- ================================================================================ elog-3.1.1-5.fc22 (FEDORA-2016-b8a53f56ab) Logbook system to manage notes through a Web interface -------------------------------------------------------------------------------- Update Information: Logbook system to manage notes through a web interface -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302504 - Review Request: elog - Logbook system to manage notes through a Web interface https://bugzilla.redhat.com/show_bug.cgi?id=1302504 -------------------------------------------------------------------------------- ================================================================================ mate-themes-3.16.2-2.fc22 (FEDORA-2016-a1b7d47f42) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: - update to 3.16.2 release -------------------------------------------------------------------------------- ================================================================================ multilib-rpm-config-1-4.fc22 (FEDORA-2016-715672d9b8) Multilib packaging helpers -------------------------------------------------------------------------------- Update Information: packaging helpers for multilib issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1344231 - Review Request: multilib-rpm-config - packaging helpers for multilib issues https://bugzilla.redhat.com/show_bug.cgi?id=1344231 -------------------------------------------------------------------------------- ================================================================================ pbuilder-0.225-1.fc22 (FEDORA-2016-fb414bccb9) Personal package builder for Debian packages -------------------------------------------------------------------------------- Update Information: Update to version 0.225, see http://metadata.ftp- master.debian.org/changelogs//main/p/pbuilder/pbuilder_0.225_changelog for details. -------------------------------------------------------------------------------- ================================================================================ perl-Regexp-Common-2016060801-1.fc22 (FEDORA-2016-f40060d8ed) Regexp::Common Perl module -------------------------------------------------------------------------------- Update Information: Minor upstream fixes ---- -------------------------------------------------------------------------------- ================================================================================ perl-Starlet-0.30-1.fc22 (FEDORA-2016-2c67c49d78) Simple, high-performance PSGI/Plack HTTP server -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- ================================================================================ python-2.7.10-9.fc22 (FEDORA-2016-a41f762894) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345858 - python: Heap overflow in zipimporter module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1345858 -------------------------------------------------------------------------------- ================================================================================ python-regex-2016.06.05-1.fc22 (FEDORA-2016-0cdc8366fc) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information: Update to the latest stable version. -------------------------------------------------------------------------------- ================================================================================ python3-3.4.2-7.fc22 (FEDORA-2016-7facc5f3d1) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345859 - python3: python: Heap overflow in zipimporter module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1345859 -------------------------------------------------------------------------------- ================================================================================ pyusb-1.0.0-1.fc22 (FEDORA-2016-604f528281) Python bindings for libusb -------------------------------------------------------------------------------- Update Information: 1.0.0 final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346180 - new upstream version available https://bugzilla.redhat.com/show_bug.cgi?id=1346180 -------------------------------------------------------------------------------- ================================================================================ qutebrowser-0.7.0-1.fc22 (FEDORA-2016-b528d4975e) A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit -------------------------------------------------------------------------------- Update Information: Update to 0.7.0 -------------------------------------------------------------------------------- ================================================================================ xen-4.5.3-8.fc22 (FEDORA-2016-9c228cbf13) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO [CVE-2016-5338] (#1343323) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343323 - CVE-2016-5338 Qemu: scsi: esp: OOB r/w access while processing ESP_FIFO https://bugzilla.redhat.com/show_bug.cgi?id=1343323 [ 2 ] Bug #1343909 - CVE-2016-5337 Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info https://bugzilla.redhat.com/show_bug.cgi?id=1343909 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx