The following Fedora 22 Security updates need testing:
Age URL
394
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
343
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
275
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
230
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
218
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
187
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
170
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
170
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
151
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
137
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
110
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
87
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
76
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
67
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
63
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
24
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1aaf308de4
community-mysql-5.6.30-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd7a31d36
pgpdump-0.30-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e205218629 php-5.6.21-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9851b69dbb
openvas-cli-1.4.4-1.fc22 openvas-gsa-6.0.10-3.fc22 openvas-libraries-8.0.7-2.fc22
openvas-manager-6.0.8-2.fc22 openvas-scanner-5.0.5-3.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe0d8f126a
botan-1.10.13-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-777d838c1b
ntp-4.2.6p5-40.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e39d934ed
openssl-1.0.1k-15.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-377b1a015c
owncloud-8.2.4-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-655d81aa89
squid-3.5.10-3.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d708261ce2
jackson-dataformat-xml-2.5.0-3.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4212484d5
imlib2-1.4.9-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d049ad1118
ioprocess-0.15.1-1.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
269
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
187
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
170
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
170
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
93
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
76
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
64
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
52
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
24
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4
libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b
pygtk2-2.24.0-14.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-83b47a28ce
wavpack-4.80.0-1.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8
lldpad-1.0.1-4.git036e314.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc848e483a
xulrunner-44.0-6.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e99389f35d
openssh-6.9p1-12.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e39d934ed
openssl-1.0.1k-15.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-828f77de70
samba-4.2.12-0.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4212484d5
imlib2-1.4.9-1.fc22
The following builds have been pushed to Fedora 22 updates-testing
booth-1.0-2.eb4256a.git.fc22
geomorph-0.60.1-9.fc22
imlib2-1.4.9-1.fc22
ioprocess-0.15.1-1.fc22
orocos-bfl-0.8.99-5.20160503gitc1b18e3.fc22
owncloud-8.2.4-1.fc22
perl-Sys-Syslog-0.34-1.fc22
perl-Tree-Simple-1.29-1.fc22
python-prompt_toolkit-1.0.0-1.fc22
qutebrowser-0.6.2-1.fc22
thinkfan-0.9.3-1.fc22
Details about builds:
================================================================================
booth-1.0-2.eb4256a.git.fc22 (FEDORA-2016-deacf31bbe)
Ticket Manager for Multi-site Clusters
--------------------------------------------------------------------------------
Update Information:
- update a subset of out-of-tree patches per
https://github.com/ClusterLabs/booth/pull/22#issuecomment-216936987 - pre-
inclusion cleanups in the spec (apply systemd scriptlet operations with
`booth-arbitrator`, avoid overloading file implicitly considered `%doc` as
`%license`)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1314865 - Review Request: booth - Ticket Manager for Multi-site Clusters
https://bugzilla.redhat.com/show_bug.cgi?id=1314865
--------------------------------------------------------------------------------
================================================================================
geomorph-0.60.1-9.fc22 (FEDORA-2016-a53dacfb64)
A height field editor for Linux
--------------------------------------------------------------------------------
Update Information:
Fix Gdk-ERROR: The program 'geomorph' received an X Window System error.
--------------------------------------------------------------------------------
================================================================================
imlib2-1.4.9-1.fc22 (FEDORA-2016-b4212484d5)
Image loading, saving, rendering, and manipulation library
--------------------------------------------------------------------------------
Update Information:
A new upstream update fixing several vulnerabilities. See the bug list for more
information. ---- Rebase to the new upstream bugfix-only version. Add security
fixes for the referenced bugs.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1323616 - CVE-2016-3993 imlib2: off by one error in MergeUpdate
https://bugzilla.redhat.com/show_bug.cgi?id=1323616
[ 2 ] Bug #1327477 - CVE-2016-4024 imlib2: integer overflow resulting in insufficient
heap allocation
https://bugzilla.redhat.com/show_bug.cgi?id=1327477
[ 3 ] Bug #1323060 - CVE-2016-3994 imlib2: out of bound read in GIF loader
https://bugzilla.redhat.com/show_bug.cgi?id=1323060
[ 4 ] Bug #1323080 - CVE-2011-5326 imlib2: divide by zero on 2x1 ellipse
https://bugzilla.redhat.com/show_bug.cgi?id=1323080
--------------------------------------------------------------------------------
================================================================================
ioprocess-0.15.1-1.fc22 (FEDORA-2016-d049ad1118)
Slave process to perform risky IO
--------------------------------------------------------------------------------
Update Information:
Resolves: BZ#1287946
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1287946 - ioprocess-0.15.0 tarball md5sum changed between -3 and -4
https://bugzilla.redhat.com/show_bug.cgi?id=1287946
--------------------------------------------------------------------------------
================================================================================
orocos-bfl-0.8.99-5.20160503gitc1b18e3.fc22 (FEDORA-2016-875fbae2f8)
A framework for inference in Dynamic Bayesian Networks
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1233240 - Review Request: orocos-bfl - A framework for inference in Dynamic
Bayesian Networks
https://bugzilla.redhat.com/show_bug.cgi?id=1233240
--------------------------------------------------------------------------------
================================================================================
owncloud-8.2.4-1.fc22 (FEDORA-2016-377b1a015c)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
Owncloud now follows the PHP SIG direction of using a fedora autoloader to
directly call the autoloaders of the PHP libraries used. In addition a %check
has been added to ensure the autoloader works correctly and new dependency
versions bumped to match more closely with upstream. This also updates to 8.2.4
fixing a number of issues identified upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1333700 - owncloud: new security issues fixed upstream in 7.0.14, 8.0.12 and
8.1.7 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1333700
--------------------------------------------------------------------------------
================================================================================
perl-Sys-Syslog-0.34-1.fc22 (FEDORA-2016-6b36b78356)
Perl interface to the UNIX syslog(3) calls
--------------------------------------------------------------------------------
Update Information:
This relases fixes processing TIMESTAMP field, new lines in perror output, neol
option, syslog facility.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1333789 - perl-Sys-Syslog-0.34 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1333789
--------------------------------------------------------------------------------
================================================================================
perl-Tree-Simple-1.29-1.fc22 (FEDORA-2016-7c000ac795)
Tree::Simple Perl module
--------------------------------------------------------------------------------
Update Information:
----
--------------------------------------------------------------------------------
================================================================================
python-prompt_toolkit-1.0.0-1.fc22 (FEDORA-2016-cb0da8d2f4)
Library for building powerful interactive command lines in Python
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.0
--------------------------------------------------------------------------------
================================================================================
qutebrowser-0.6.2-1.fc22 (FEDORA-2016-38a92dd163)
A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit
--------------------------------------------------------------------------------
Update Information:
Removed patches that were only relevant to the previous version 0.6.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331989 - qutebrowser-v0.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331989
--------------------------------------------------------------------------------
================================================================================
thinkfan-0.9.3-1.fc22 (FEDORA-2016-a89bf677bc)
A simple fan control program
--------------------------------------------------------------------------------
Update Information:
Update to version 0.9.3, see
https://github.com/vmatare/thinkfan/releases/tag/0.9.3 for details.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1311406 - [RFE] Thinkfan has a new upstream location
https://bugzilla.redhat.com/show_bug.cgi?id=1311406
--------------------------------------------------------------------------------