The following Fedora 22 Security updates need testing: Age URL 216 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 98 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 83 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13823 python-django-1.8.4-1.fc22 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1aee5e6f0b conntrack-tools-1.4.2-9.fc22 77 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14199 sblim-sfcb-1.4.9-2.fc22 52 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 46 https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d squid-3.4.13-3.fc22 46 https://bodhi.fedoraproject.org/updates/FEDORA-2015-be2c11d456 subversion-1.8.14-1.fc22 41 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 39 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088 python-pymongo-3.0.3-1.fc22 39 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8d4b507cb0 cyrus-imapd-2.4.18-1.fc22 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d2a957a87 postgresql-9.4.5-1.fc22 31 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4bc7688b3e audiofile-0.3.6-9.fc22 26 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9f996ea146 sddm-0.12.0-5.fc22 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5062ef3dbe openstack-ironic-discoverd-1.1.1-1.fc22 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87 ntp-4.2.6p5-34.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7 python-pygments-2.0.2-3.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48003c2343 dovecot-2.2.19-1.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-95f5ff8d44 perl-HTML-Scrubber-0.15-1.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9eee2fbc78 rpcbind-0.2.3-0.3.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1521e91178 wpa_supplicant-2.4-6.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-30f080e459 perl-IPTables-Parse-1.5-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0de8163795 python-pycurl-7.19.5.1-3.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-34cbb284c4 metis-5.1.0-7.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0ac1f25444 drupal7-jquery_update-2.7-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e32ef62cea wildmagic5-5.13-12.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-01162d79b5 MUMPS-5.0.1-4.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fd78327d35 snappy-player-1.0-7.20151010git166a98.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6a6076de9d libsedml-0.3.1-4.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-85760004ca owncloud-8.0.9-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-321ae39ee6 m2crypto-0.22.5-2.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1b9c33d713 krb5-1.13.2-10.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-69133edcb2 telegram-cli-1.3.1-7.20150730git2052f4.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2a3726da40 openms-2.0.0-21.20150529git88dc25.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-56be43eae6 libsndfile-1.0.25-17.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4329bbe285 tubo-5.0.15-3.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-db5973c72c librfm-5.3.16-8.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1d49176aa1 pdns-3.4.7-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5ad4a1f151 putty-0.66-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-668d213dc3 xen-4.5.2-2.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-cd94ad8d7c kernel-4.2.6-200.fc22
The following Fedora 22 Critical Path updates have yet to be approved: Age URL 91 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 77 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7517bd0bc5 libtiff-4.0.3-21.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ceb53e8625 phonon-4.8.3-7.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8041d50c4b linux-firmware-20151030-58.git66d3d8d7.fc22 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0de8163795 python-pycurl-7.19.5.1-3.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1521e91178 wpa_supplicant-2.4-6.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-38fc6652a8 NetworkManager-1.0.6-8.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6982da5fe4 prison-1.1.1-3.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8da7317e5a lldpad-1.0.1-2.git986eb2e.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-56be43eae6 libsndfile-1.0.25-17.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5cb48e152b bluez-5.35-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b livecd-tools-22.3-1.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1b9c33d713 krb5-1.13.2-10.fc22 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a84e080ad0 kdepim-4.14.10-7.fc22 kdepim-runtime-4.14.10-5.fc22 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f396e330d9 selinux-policy-3.13.1-128.20.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ff8dec36c1 perl-Carp-1.38-1.fc22 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bb8e7c410b samba-4.2.5-0.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-cd94ad8d7c kernel-4.2.6-200.fc22 The following builds have been pushed to Fedora 22 updates-testing PackageKit-Qt-0.9.5-5.fc22 clustershell-1.7-1.fc22 euca2ools-3.3.0-1.fc22 glogg-1.0.3-1.fc22 google-noto-cjk-fonts-1.004-2.fc22 kernel-4.2.6-200.fc22 kgpg-15.08.3-2.fc22 lilypond-2.19.31-1.fc22 lilypond-doc-2.19.31-1.fc22 nodejs-array-union-1.0.1-1.fc22 perl-DateTime-Event-Recurrence-0.18-1.fc22 perl-DateTime-Set-0.3500-1.fc22 perl-DateTime-Set-0.3600-1.fc22 php-zordius-lightncandy-0.23-1.fc22 protozero-1.2.2-2.fc22 python-aniso8601-1.1.0-1.fc22 rebase-helper-0.6.2-1.fc22 scite-3.6.2-1.fc22 torrent-file-editor-0.2.1-1.fc22 typesafe-config-1.2.0-4.fc22 wesnoth-1.12.5-1.fc22 xen-4.5.2-2.fc22 Details about builds: ================================================================================ PackageKit-Qt-0.9.5-5.fc22 (FEDORA-2015-acd0246e82) Qt support library for PackageKit -------------------------------------------------------------------------------- Update Information: PackageKit-Qt-0.9.5-5.fc22 - drop old Provides: PackageKit-qt - -Requires/+Recommends: PackageKit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1224421 - plasma-desktop depends on PackageKit https://bugzilla.redhat.com/show_bug.cgi?id=1224421 -------------------------------------------------------------------------------- ================================================================================ clustershell-1.7-1.fc22 (FEDORA-2015-65ecabdf83) Python framework for efficient cluster administration -------------------------------------------------------------------------------- Update Information: clustershell-1.7-1.fc22 - update to 1.7 -------------------------------------------------------------------------------- ================================================================================ euca2ools-3.3.0-1.fc22 (FEDORA-2015-9fbb9b7462) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update integrates several upstream bugfixes and also fixes breakage caused by errant options to /usr/bin/python. -------------------------------------------------------------------------------- ================================================================================ glogg-1.0.3-1.fc22 (FEDORA-2015-67f595e19e) Smart interactive log explorer -------------------------------------------------------------------------------- Update Information: update to the latest available version, rhbz#1280115. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280115 - glogg-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1280115 -------------------------------------------------------------------------------- ================================================================================ google-noto-cjk-fonts-1.004-2.fc22 (FEDORA-2015-7ce4b37c4f) Google Noto Sans CJK Fonts -------------------------------------------------------------------------------- Update Information: new packages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1273712 - Review Request: google-noto-cjk-fonts - Google Noto Sans CJK Fonts https://bugzilla.redhat.com/show_bug.cgi?id=1273712 -------------------------------------------------------------------------------- ================================================================================ kernel-4.2.6-200.fc22 (FEDORA-2015-cd94ad8d7c) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-200.fc22 - Fix incorrect size calculations in megaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278496 - CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception https://bugzilla.redhat.com/show_bug.cgi?id=1278496 [ 2 ] Bug #1277172 - CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception https://bugzilla.redhat.com/show_bug.cgi?id=1277172 [ 3 ] Bug #1271134 - CVE-2015-7799 kernel: net: slip: crash when using PPP character device driver https://bugzilla.redhat.com/show_bug.cgi?id=1271134 [ 4 ] Bug #1276437 - CVE-2015-7990 kernel: Race condition when sending message on unbound socket causing NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1276437 -------------------------------------------------------------------------------- ================================================================================ kgpg-15.08.3-2.fc22 (FEDORA-2015-e8d90a10ae) Manage GPG encryption keys -------------------------------------------------------------------------------- Update Information: kgpg-15.08.3-1.fc23 - 15.08.3 - fix typo in autostart.patch (#1245732) kgpg-15.08.3-2.fc22 - create/own (empty) global/system kgpgrc (#1245732) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1245732 - KGpg Fails to Autostart on Fedora 22 with KDE, Despite Being Enabled https://bugzilla.redhat.com/show_bug.cgi?id=1245732 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.31-1.fc22 (FEDORA-2015-252b0a713f) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: lilypond-2.19.31-1.fc22 - 2.19.31. lilypond-2.19.31-1.fc23 - 2.19.31. lilypond-doc-2.19.31-1.fc22 - 2.19.31. lilypond-doc-2.19.31-1.fc23 - 2.19.31. -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.31-1.fc22 (FEDORA-2015-252b0a713f) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: lilypond-2.19.31-1.fc22 - 2.19.31. lilypond-2.19.31-1.fc23 - 2.19.31. lilypond-doc-2.19.31-1.fc22 - 2.19.31. lilypond-doc-2.19.31-1.fc23 - 2.19.31. -------------------------------------------------------------------------------- ================================================================================ nodejs-array-union-1.0.1-1.fc22 (FEDORA-2015-a910f1b170) Create an array of unique values, in order, from the input arrays -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272667 - Review Request: nodejs-array-union - Create an array of unique values, in order, from the input arrays https://bugzilla.redhat.com/show_bug.cgi?id=1272667 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Event-Recurrence-0.18-1.fc22 (FEDORA-2015-95580e638e) DateTime::Set extension for create basic recurrence sets -------------------------------------------------------------------------------- Update Information: A new version of DateTime::Event::Recurrence is available. See http://cpansearch.perl.org/src/FGLOCK/DateTime-Event-Recurrence-0.18/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280282 - perl-DateTime-Event-Recurrence-0.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1280282 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Set-0.3500-1.fc22 (FEDORA-2015-4c1fce9e6c) Datetime sets and set math -------------------------------------------------------------------------------- Update Information: A new version of DateTime::Set is available. See http://cpansearch.perl.org/src/FGLOCK/DateTime-Set-0.3600/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280113 - perl-DateTime-Set-0.3600 is available https://bugzilla.redhat.com/show_bug.cgi?id=1280113 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Set-0.3600-1.fc22 (FEDORA-2015-eabfa6c5e3) Datetime sets and set math -------------------------------------------------------------------------------- Update Information: A new version of DateTime::Set is available. See http://cpansearch.perl.org/src/FGLOCK/DateTime-Set-0.3600/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280113 - perl-DateTime-Set-0.3600 is available https://bugzilla.redhat.com/show_bug.cgi?id=1280113 -------------------------------------------------------------------------------- ================================================================================ php-zordius-lightncandy-0.23-1.fc22 (FEDORA-2015-32d7efc799) An extremely fast PHP implementation of handlebars and mustache -------------------------------------------------------------------------------- Update Information: * support {{{{rawblock}}}} ... {{{{/rawblock}}}} when FLAG_RAWBLOCK enabled * add prePartial() static method and prepartial compile option for extendibility * support private variable injection from handlebars custom block helpers * fix {{!-- --}} bug when it inside a partial * fix support for nested raw block -------------------------------------------------------------------------------- References: [ 1 ] Bug #1279865 - php-zordius-lightncandy-v0.23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1279865 -------------------------------------------------------------------------------- ================================================================================ protozero-1.2.2-2.fc22 (FEDORA-2015-49d0bbd331) Minimalistic protocol buffer decoder and encoder in C++ -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1260375 - Review Request: protozero - Minimalistic protocol buffer decoder and encoder in C++ https://bugzilla.redhat.com/show_bug.cgi?id=1260375 -------------------------------------------------------------------------------- ================================================================================ python-aniso8601-1.1.0-1.fc22 (FEDORA-2015-03ee3c7f8a) Another ISO 8601 parser for Python -------------------------------------------------------------------------------- Update Information: update to 1.1.0, rebuild with Python 3 -------------------------------------------------------------------------------- ================================================================================ rebase-helper-0.6.2-1.fc22 (FEDORA-2015-a4dfdb6636) The tool which helps you with rebase package -------------------------------------------------------------------------------- Update Information: New upstream version 0.6.2 (#1280294) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280294 - rebase-helper-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1280294 -------------------------------------------------------------------------------- ================================================================================ scite-3.6.2-1.fc22 (FEDORA-2015-94cf99a94e) SCIntilla based GTK2 text editor -------------------------------------------------------------------------------- Update Information: Update to 3.6.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1279908 - scite-362 is available https://bugzilla.redhat.com/show_bug.cgi?id=1279908 -------------------------------------------------------------------------------- ================================================================================ torrent-file-editor-0.2.1-1.fc22 (FEDORA-2015-8dcd62bee6) Qt based GUI tool designed to create and edit .torrent files -------------------------------------------------------------------------------- Update Information: Bump to v0.2.1 -------------------------------------------------------------------------------- ================================================================================ typesafe-config-1.2.0-4.fc22 (FEDORA-2015-47cfa3461c) Configuration library for JVM languages -------------------------------------------------------------------------------- Update Information: Fix FTBFS RHBZ#1107469 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1107469 - typesafe-config: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1107469 -------------------------------------------------------------------------------- ================================================================================ wesnoth-1.12.5-1.fc22 (FEDORA-2015-2b68599049) Turn-based strategy game with a fantasy theme -------------------------------------------------------------------------------- Update Information: wesnoth-1.12.5-1.fc23 - 1.12.5. wesnoth-1.12.5-1.fc21 - 1.12.5. wesnoth-1.12.5-1.fc22 - 1.12.5. -------------------------------------------------------------------------------- ================================================================================ xen-4.5.2-2.fc22 (FEDORA-2015-668d213dc3) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: x86: CPU lockup during exception delivery [XSA-156, CVE-2015-5307, CVE-2015-8104] ---- update to 4.5.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277172 - CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception https://bugzilla.redhat.com/show_bug.cgi?id=1277172 [ 2 ] Bug #1278496 - CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception https://bugzilla.redhat.com/show_bug.cgi?id=1278496 -------------------------------------------------------------------------------- -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
