The following Fedora 22 Security updates need testing: Age URL 232 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 181 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 113 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 99 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13823 python-django-1.8.4-1.fc22 98 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1aee5e6f0b conntrack-tools-1.4.2-9.fc22 68 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 62 https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d squid-3.4.13-3.fc22 62 https://bodhi.fedoraproject.org/updates/FEDORA-2015-be2c11d456 subversion-1.8.14-1.fc22 56 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 55 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088 python-pymongo-3.0.3-1.fc22 46 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4bc7688b3e audiofile-0.3.6-9.fc22 32 https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87 ntp-4.2.6p5-34.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7 python-pygments-2.0.2-3.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-95f5ff8d44 perl-HTML-Scrubber-0.15-1.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5ad4a1f151 putty-0.66-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-89ee6b7f82 potrace-1.13-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c7b1be8823 seamonkey-2.39-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e5e4ecf80d libpng15-1.5.21-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6691fc09b2 imapsync-1.644-2.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0772f3f93b rpm-4.12.0.1-14.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-037f844d3e libxml2-2.9.3-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2c155d7632 grub2-2.02-0.17.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-703a7aad00 keepass-2.30-2.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6fb2c59536 ca-certificates-2015.2.6-1.0.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8413bdd343 abrt-2.6.1-7.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b5a8f09e32 knot-1.6.6-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0b89738311 php-symfony-2.7.7-2.fc22 php-twig-1.23.1-2.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-afafa29551 pcre-8.37-7.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-89468612f5 jenkins-1.609.3-4.fc22
The following Fedora 22 Critical Path updates have yet to be approved: Age URL 107 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 93 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22 30 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7517bd0bc5 libtiff-4.0.3-21.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b livecd-tools-22.3-1.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fee72c84ae kde-runtime-15.08.3-1.fc22 kdelibs-4.14.14-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2015-600c5627e8 libdvdread-5.0.3-1.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5aaff55f5c vte3-0.36.5-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14488dbea4 libbluray-0.9.1-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ac150749f3 bind-9.10.2-6.P4.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2a8c560b3e hwdata-0.284-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-82b7665427 koji-1.10.1-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9274339b62 libpng-1.6.19-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d96e31cecd perl-Socket-2.021-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-037f844d3e libxml2-2.9.3-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0772f3f93b rpm-4.12.0.1-14.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6fb2c59536 ca-certificates-2015.2.6-1.0.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1d21e7f650 unzip-6.0-23.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a55db2fb00 gnutls-3.3.19-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-afafa29551 pcre-8.37-7.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-912d8e4998 kernel-4.2.6-201.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4f500b833b systemd-219-26.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc06edc85 NetworkManager-vpnc-1.0.8-1.fc22 NetworkManager-openconnect-1.0.8-1.fc22 NetworkManager-openvpn-1.0.8-1.fc22 NetworkManager-openswan-1.0.8-1.fc22 NetworkManager-fortisslvpn-1.0.8-1.fc22 NetworkManager-1.0.8-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ae4c9ec179 nspr-4.10.10-2.fc22 nss-3.21.0-1.1.fc22 nss-softokn-3.21.0-1.1.fc22 nss-util-3.21.0-1.0.fc22
The following builds have been pushed to Fedora 22 updates-testing
cscppc-1.3.1-1.fc22 cups-filters-1.2.0-1.fc22 dnf-1.1.4-2.fc22 git-remote-hg-0.2-6.fc22 golang-github-opencontainers-specs-0-0.2.gitcf8dd12.fc22 hgsvn-0.3.12-1.fc22 ibus-table-1.9.11-1.fc22 jenkins-1.609.3-4.fc22 mathgl-2.3.3-4.fc22 mosquitto-1.4.5-1.fc22 mozilla-noscript-2.7-1.fc22 nodejs-ansi-font-0.0.2-1.fc22 nodejs-test-0.6.0-1.fc22 perl-Sereal-Decoder-3.007-2.fc22 python-aiohttp-0.19.0-1.fc22 python-pyspf-2.0.11-3.fc22 scotch-6.0.4-7.fc22 sigul-0.102-1.fc22
Details about builds:
================================================================================ cscppc-1.3.1-1.fc22 (FEDORA-2015-38b480a6ea) A compiler wrapper that runs cppcheck in background -------------------------------------------------------------------------------- Update Information:
- update to latest upstream (1.3.1) --------------------------------------------------------------------------------
================================================================================ cups-filters-1.2.0-1.fc22 (FEDORA-2015-1d2fe90a80) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information:
New upstream release. --------------------------------------------------------------------------------
================================================================================ dnf-1.1.4-2.fc22 (FEDORA-2015-d060fec064) Package manager forked from Yum, using libsolv as a dependency resolver -------------------------------------------------------------------------------- Update Information:
This update fixes issues with DNF inside virtual environment (libguestfs). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1278382 - DNF python programming error when run from virt-builder https://bugzilla.redhat.com/show_bug.cgi?id=1278382 --------------------------------------------------------------------------------
================================================================================ git-remote-hg-0.2-6.fc22 (FEDORA-2015-b59ee5851b) Mercurial wrapper for git -------------------------------------------------------------------------------- Update Information:
- Mercurial v3.5 has changed API - function context.memfilectx requires object repo as first parameter - changed requires to mercurial >= 3.5 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1265115 - Git fails to export to hg repo from which it was cloned https://bugzilla.redhat.com/show_bug.cgi?id=1265115 --------------------------------------------------------------------------------
================================================================================ golang-github-opencontainers-specs-0-0.2.gitcf8dd12.fc22 (FEDORA-2015-6ab7878820) Open Container Specification -------------------------------------------------------------------------------- Update Information:
Update ---- Needed by runc -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1286185 - Tracker for golang-github-opencontainers-specs https://bugzilla.redhat.com/show_bug.cgi?id=1286185 [ 2 ] Bug #1255370 - Review Request: golang-github-opencontainers-specs - Open Container Specifications https://bugzilla.redhat.com/show_bug.cgi?id=1255370 --------------------------------------------------------------------------------
================================================================================ hgsvn-0.3.12-1.fc22 (FEDORA-2015-9cc5c72a1c) A set of scripts to work locally on subversion checkouts using mercurial -------------------------------------------------------------------------------- Update Information:
Update to latest upstream releage hgsvn 0.3.12. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1285568 - hgsvn-0.3.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1285568 --------------------------------------------------------------------------------
================================================================================ ibus-table-1.9.11-1.fc22 (FEDORA-2015-300e8d7e09) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information:
Fix bug in Unihan_Variants.txt, U+9762 and U+7CFB are both simplified *and* traditional Chinese ---- Fix bug in Unihan_Variants.txt, U+8868 and U+6770 are both simplified *and* traditional Chinese ---- Fix hotkey matching -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1285379 - ��� and ��� are used both in simplified *and* traditional Chinese, ibus-table classifies them as simplified Chinese only https://bugzilla.redhat.com/show_bug.cgi?id=1285379 [ 2 ] Bug #1284749 - ��� and ��� are used both in simplified *and* traditional Chinese, ibus-table classifies them as simplified Chinese only https://bugzilla.redhat.com/show_bug.cgi?id=1284749 [ 3 ] Bug #1282683 - Some keyboard shortcuts in ibus-table do not work https://bugzilla.redhat.com/show_bug.cgi?id=1282683 --------------------------------------------------------------------------------
================================================================================ jenkins-1.609.3-4.fc22 (FEDORA-2015-89468612f5) An extendable open source continuous integration server -------------------------------------------------------------------------------- Update Information:
Security update, fixes: CVE-2015-5317 (SECURITY-153), CVE-2015-5319 (SECURITY-173), CVE-2015-5324 (SECURITY-186), CVE-2015-5321 (SECURITY-192), CVE-2015-5322 (SECURITY-195), CVE-2015-5323 (SECURITY-200), CVE-2015-5326 (SECURITY-214) --------------------------------------------------------------------------------
================================================================================ mathgl-2.3.3-4.fc22 (FEDORA-2015-aa070f51ae) Cross-platform library for making high-quality scientific graphics -------------------------------------------------------------------------------- Update Information:
Update to new 2.3.3. version. Support for coming gsl-2 added as well. --------------------------------------------------------------------------------
================================================================================ mosquitto-1.4.5-1.fc22 (FEDORA-2015-1c0b785ead) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information:
Update to new upstream version 1.4.5 --------------------------------------------------------------------------------
================================================================================ mozilla-noscript-2.7-1.fc22 (FEDORA-2015-a6570c370f) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information:
v 2.7 ============================================================= - Removed informaction.com, flashgot.net and maone.net from the default whitelist to reduce the potential attack surface - Removed vestigial noscript.forbidData preference * Fixed shorthands not checked for ftp(s) sites (thanks Leon Winter for patch) * [Surrogate] Fixed googletag replacement (thanks barbaz) * Fixed incompatibility with importScript() from workers breaking new reCaptcha implementation (thanks Mr_KrzYch00 for reporting) v 2.6.9.39 ============================================================= * Work-around for a XSS "false positive" caused by nwolb.com passing Javascript code across subdomains in window.name (thanks Sagiv Masvari for reporting) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1284465 - mozilla-noscript-2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1284465 --------------------------------------------------------------------------------
================================================================================ nodejs-ansi-font-0.0.2-1.fc22 (FEDORA-2015-fbe407e317) ANSI font styling utils -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1285074 - Review Request: nodejs-ansi-font - ANSI font styling utils https://bugzilla.redhat.com/show_bug.cgi?id=1285074 --------------------------------------------------------------------------------
================================================================================ nodejs-test-0.6.0-1.fc22 (FEDORA-2015-8b806c8bea) (Un)CommonJS test runner -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1285077 - Review Request: nodejs-test - (Un)CommonJS test runner https://bugzilla.redhat.com/show_bug.cgi?id=1285077 --------------------------------------------------------------------------------
================================================================================ perl-Sereal-Decoder-3.007-2.fc22 (FEDORA-2015-aad8cd2222) Perl deserialization for Sereal format -------------------------------------------------------------------------------- Update Information:
This release fixes incremental parsing of UTF-8 strings. It also improves build script. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1285914 - perl-Sereal-Decoder-3.007 is available https://bugzilla.redhat.com/show_bug.cgi?id=1285914 --------------------------------------------------------------------------------
================================================================================ python-aiohttp-0.19.0-1.fc22 (FEDORA-2015-f6108521d2) A Python HTTP client/server for asyncio -------------------------------------------------------------------------------- Update Information:
Update py3 --------------------------------------------------------------------------------
================================================================================ python-pyspf-2.0.11-3.fc22 (FEDORA-2015-1532cc0a3c) Python module and programs for SPF (Sender Policy Framework) -------------------------------------------------------------------------------- Update Information:
This update provides a complete/correct fix for [bug #1232595](https://bugzilla.redhat.com/show_bug.cgi?id=1232595), from Bojan Smojver. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1232595 - Improper use of python's ipaddress https://bugzilla.redhat.com/show_bug.cgi?id=1232595 --------------------------------------------------------------------------------
================================================================================ scotch-6.0.4-7.fc22 (FEDORA-2015-f2b049bc50) Graph, mesh and hypergraph partitioning library -------------------------------------------------------------------------------- Update Information:
This update adds the parmetis.h header to ptscotch-openmpi-devel and ptscotch- mpich-devel. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1286243 - parmetis.h should be installed https://bugzilla.redhat.com/show_bug.cgi?id=1286243 --------------------------------------------------------------------------------
================================================================================ sigul-0.102-1.fc22 (FEDORA-2015-db7d77b801) A signing server and related software client -------------------------------------------------------------------------------- Update Information:
Update to 0.102, fixing hangs in (sigul sign-rpms) processing. ---- - Update to sigul-0.101. Improves #1272535. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1283364 - utils.run_worker_threads can hang if a consumer thread crashes https://bugzilla.redhat.com/show_bug.cgi?id=1283364 --------------------------------------------------------------------------------