The following Fedora 22 Security updates need testing:
Age URL
364
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
313
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
245
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
200
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
188
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
157
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
140
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
140
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
121
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
107
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
80
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
69
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
57
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
46
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
37
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
33
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29
libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0
python-tgcaptcha2-0.3.1-1.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-250042b8a6
xstream-1.4.9-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f196e4e4a xen-4.5.3-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-246417376c
latex2rtf-2.3.10-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9282d83bee php-5.6.20-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f61f02e9e2
fuse-encfs-1.8.1-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed5110c4bb
kernel-4.4.6-201.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ad4474058
python-pillow-2.8.2-5.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7eb5caa94d
parallel-20160222-1.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d
squid-3.5.10-2.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
239
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
157
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
154
https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22
140
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
140
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
69
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
63
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
46
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
37
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507
rpm-4.12.0.1-16.fc22
34
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
16
https://bodhi.fedoraproject.org/updates/FEDORA-2016-33be675c57
firefox-45.0.1-2.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe22f37fba
hwdata-0.287-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-18d1833265
thunderbird-38.7.1-1.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-881765e99c
systemtap-3.0-2.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5078f60f9
ntfs-3g-2016.2.22-1.fc22 testdisk-7.0-7.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dedd49a5b7 lorax-22.14-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed5110c4bb
kernel-4.4.6-201.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-50cc0dbbde
wavpack-4.75.2-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-060be75c14
webkitgtk3-2.4.10-2.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6d6f111230
elfutils-0.166-1.fc22
The following builds have been pushed to Fedora 22 updates-testing
GeoIP-GeoLite-data-2016.04-1.fc22
Random123-1.09-1.fc22
chirp-20160402-1.fc22
cjdns-17.3-11.fc22
composer-1.0.0-1.fc22
dovecot-2.2.23-1.fc22
elfutils-0.166-1.fc22
getdns-0.9.0-1.fc22
gtkspell3-3.0.8-1.fc22
gtkspellmm30-3.0.4-2.fc22
hplip-3.15.9-4.fc22
imapsync-1.684-1.fc22
libmediainfo-0.7.84-1.fc22
liferea-1.10.19-1.fc22
mediainfo-0.7.84-1.fc22
mediatomb-0.12.1-38.fc22.20120403gitb66dc1
mingw-gtkspell3-3.0.8-1.fc22
mingw-gtkspellmm30-3.0.4-2.fc22
nasm-2.11.06-2.fc22
ovirt-guest-agent-1.0.11-3.fc22
php-PHP-CSS-Parser-7.0.2-1.fc22
php-horde-Horde-Auth-2.1.12-1.fc22
php-horde-Horde-Crypt-2.7.3-1.fc22
php-horde-Horde-Css-Parser-1.0.9-1.fc22
php-horde-Horde-Dav-1.1.3-1.fc22
php-horde-Horde-Kolab-Storage-2.2.2-1.fc22
php-horde-Horde-ListHeaders-1.2.4-1.fc22
php-horde-Horde-Log-2.2.0-1.fc22
php-horde-Horde-Nls-2.2.0-1.fc22
php-horde-Horde-SyncMl-2.0.7-1.fc22
php-horde-imp-6.2.14-1.fc22
php-horde-ingo-3.2.10-1.fc22
php-horde-nag-4.2.9-1.fc22
php-horde-turba-4.2.14-1.fc22
php-paragonie-random-compat-1.4.1-1.fc22
php-symfony-2.7.11-2.fc22
python-breathe-4.2.0-1.fc22
squid-3.5.10-2.fc22
sysreporter-3.0.3-1.fc22
wavpack-4.75.2-1.fc22
webkitgtk-2.4.10-2.fc22
webkitgtk3-2.4.10-2.fc22
znc-1.6.3-1.fc22
Details about builds:
================================================================================
GeoIP-GeoLite-data-2016.04-1.fc22 (FEDORA-2016-af65be0c5a)
Free GeoLite IP geolocation country database
--------------------------------------------------------------------------------
Update Information:
Update to Apil 2016 GeoLite databases.
--------------------------------------------------------------------------------
================================================================================
Random123-1.09-1.fc22 (FEDORA-2016-0dc747cc49)
Library of random number generators
--------------------------------------------------------------------------------
Update Information:
* Update to new release * Package only available on x86, x86_64 and ppc -
upstream does not support other arches.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1324478 - Update to 1.09
https://bugzilla.redhat.com/show_bug.cgi?id=1324478
[ 2 ] Bug #1311304 - gccfeatures.h breaks compilation on arches other than x86 and ppc
https://bugzilla.redhat.com/show_bug.cgi?id=1311304
--------------------------------------------------------------------------------
================================================================================
chirp-20160402-1.fc22 (FEDORA-2016-838f001506)
A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1324577 - RFE current in the repos is 2 months behind upstream
https://bugzilla.redhat.com/show_bug.cgi?id=1324577
--------------------------------------------------------------------------------
================================================================================
cjdns-17.3-11.fc22 (FEDORA-2016-ce63703998)
The privacy-friendly network without borders
--------------------------------------------------------------------------------
Update Information:
Cjdns is an IP6 mesh VPN with cryptographic address allocation. This is the
first Fedora release. This version uses libsodium instead of nacl.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1268716 - Review Request: cjdns - IP6 VPN with crypto address allocation
https://bugzilla.redhat.com/show_bug.cgi?id=1268716
--------------------------------------------------------------------------------
================================================================================
composer-1.0.0-1.fc22 (FEDORA-2016-c2e6b9ce88)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.0** * Added support for bitbucket-oauth configuration *
Added warning when running composer as super user, set
COMPOSER_ALLOW_SUPERUSER=1 to hide the warning if you really must * Added
PluginManager::getGlobalComposer getter to retrieve the global instance (which
can be null!) * Fixed dependency solver error reporting in many cases it now
shows you proper errors instead of just saying a package does not exist *
Fixed output of failed downloads appearing as 100% done instead of Failed *
Fixed handling of empty directories when archiving, they are not skipped anymore
* Fixed installation of broken plugins corrupting the vendor state when
combined with symlinked path repositories ---- **Version 1.0.0-beta2** *
Break: The install command now turns into an update command automatically if you
have no composer.lock. This was done only half-way before which caused
inconsistencies * Break: By default the remove command now removes
dependencies as well, and --update-with-dependencies is deprecated. Use --no-
update-with-dependencies to get old behavior * Added support for SSL_CERT_DIR
env var and openssl.capath ini value * Added some conflict detection in why-
not command * Added suggestion of root package's suggests in create-project
command * Fixed create-project ignoring --ignore-platform-reqs when choosing
a version of the package * Fixed search command in a directory without
composer.json * Fixed path repository handling of symlinks on windows *
Fixed PEAR repo handling to prefer HTTPS mirrors over HTTP ones * Fixed
handling of Path env var on Windows, only PATH was accepted before * Small
error reporting and docs improvements
--------------------------------------------------------------------------------
================================================================================
dovecot-2.2.23-1.fc22 (FEDORA-2016-9f0b97c62d)
Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:
- Various fixes to doveadm. Especially running commands via doveadm-
server was broken. - director: Fixed user weakness getting stuck in some
situations - director: Fixed a situation where directors keep re-sending
different states to each others and never becoming synced. - director: Fixed
assert-crash related to a slow "user killed" reply - Fixed assert-crash
related to istream-concat, which could have been triggered at least by a
Sieve script.
--------------------------------------------------------------------------------
================================================================================
elfutils-0.166-1.fc22 (FEDORA-2016-6d6f111230)
A collection of utilities and DSOs to handle compiled objects
--------------------------------------------------------------------------------
Update Information:
Upgrade to elfutils-0.166. Various bug fixes. ppc32 and sparc32 build/testsuite
fixes, better support for non-linux (kfreebsd/hurd), build fixes for older glibc
without ELF compression types, a fix for over-adjusting alignment of NOBITS
sections, bug fixes for issues found by gcc6, recognize some Go and ARM ELF
notes, addition of new i386/x86_64 relocation types and elfcompress -q would
erroneously imply --force.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1295951 - Unsupported/confusing golang notes
https://bugzilla.redhat.com/show_bug.cgi?id=1295951
[ 2 ] Bug #1285613 - Missing NT_ARM_SYSTEM_CALL
https://bugzilla.redhat.com/show_bug.cgi?id=1285613
--------------------------------------------------------------------------------
================================================================================
getdns-0.9.0-1.fc22 (FEDORA-2016-f5bd0e63f8)
Modern asynchronous API to the DNS
--------------------------------------------------------------------------------
Update Information:
Updated to 0.9.0
--------------------------------------------------------------------------------
================================================================================
gtkspell3-3.0.8-1.fc22 (FEDORA-2016-366a895bc5)
On-the-fly spell checking for GtkTextView widgets
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.8, see
http://gtkspell.sourceforge.net/ChangeLog for
details.
--------------------------------------------------------------------------------
================================================================================
gtkspellmm30-3.0.4-2.fc22 (FEDORA-2016-893f3481ab)
On-the-fly spell checking for GtkTextView widgets - C++ bindings
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.4, see
http://gtkspell.sourceforge.net/NEWS for details.
--------------------------------------------------------------------------------
================================================================================
hplip-3.15.9-4.fc22 (FEDORA-2016-f0a25261f4)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
Fixes bug with proprietary plugin.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249414 - hp-plugin (3.15.7) hangs on 'su'
https://bugzilla.redhat.com/show_bug.cgi?id=1249414
--------------------------------------------------------------------------------
================================================================================
imapsync-1.684-1.fc22 (FEDORA-2016-e1ed475951)
Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
Update to 1.684
--------------------------------------------------------------------------------
================================================================================
libmediainfo-0.7.84-1.fc22 (FEDORA-2016-c48b46e056)
Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.84.
--------------------------------------------------------------------------------
================================================================================
liferea-1.10.19-1.fc22 (FEDORA-2016-91b1ca0f4e)
An RSS/RDF feed reader
--------------------------------------------------------------------------------
Update Information:
This update updates liferea to 1.10.19 * it fixes compilation problems in
the 1.10.18 release * it also fixes a problem with updating favicons
--------------------------------------------------------------------------------
================================================================================
mediainfo-0.7.84-1.fc22 (FEDORA-2016-c48b46e056)
Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.84.
--------------------------------------------------------------------------------
================================================================================
mediatomb-0.12.1-38.fc22.20120403gitb66dc1 (FEDORA-2016-94ff06eb91)
MediaTomb - UPnP AV Mediaserver for Linux
--------------------------------------------------------------------------------
Update Information:
Systemd fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1272709 - mediatomb missed requirements
https://bugzilla.redhat.com/show_bug.cgi?id=1272709
[ 2 ] Bug #1211048 - mediatomb deamon does not release sockets at stop - systemd
service
https://bugzilla.redhat.com/show_bug.cgi?id=1211048
[ 3 ] Bug #850203 - Introduce new systemd-rpm macros in mediatomb spec file
https://bugzilla.redhat.com/show_bug.cgi?id=850203
--------------------------------------------------------------------------------
================================================================================
mingw-gtkspell3-3.0.8-1.fc22 (FEDORA-2016-bd8ed91d2d)
MinGW Windows GtkSpell3 library
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.8, see
http://gtkspell.sourceforge.net/ChangeLog for
details.
--------------------------------------------------------------------------------
================================================================================
mingw-gtkspellmm30-3.0.4-2.fc22 (FEDORA-2016-b832f9e3c0)
MinGW Windows GtkSpellmm library
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.4, see
http://gtkspell.sourceforge.net/NEWS for details.
--------------------------------------------------------------------------------
================================================================================
nasm-2.11.06-2.fc22 (FEDORA-2016-b3c9dcc237)
A portable x86 assembler which uses Intel-like syntax
--------------------------------------------------------------------------------
Update Information:
Fixes a regression introduced in version 2.11.06, which breaks syslinux build.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315153 - error: symbol references not supported in preprocess-only mode
https://bugzilla.redhat.com/show_bug.cgi?id=1315153
--------------------------------------------------------------------------------
================================================================================
ovirt-guest-agent-1.0.11-3.fc22 (FEDORA-2016-34b176643f)
The oVirt Guest Agent
--------------------------------------------------------------------------------
Update Information:
Bump to ovirt guest agent 1.0.11.3 release (ovirt 3.6.5) ---- ovirt-guest-
agent-1.0.11-2.fc22 - BZ#1271167 - Execute diskmapper elevated or it won't be
working
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271167 - [abrt] ovirt-guest-agent-common:
__init__.py:378:__getitem__:AttributeError: python: undefined symbol:
udev_device_get_property_value
https://bugzilla.redhat.com/show_bug.cgi?id=1271167
--------------------------------------------------------------------------------
================================================================================
php-PHP-CSS-Parser-7.0.2-1.fc22 (FEDORA-2016-d84c0c01f5)
A Parser for CSS Files
--------------------------------------------------------------------------------
Update Information:
**Horde_Css_Parser 1.0.9** * [jan] Update to PHP-CSS-Parser 7.0.2 (Request
#14297). --- **PHP-CSS-Parser 7.0.2** * Compatibility with PHP 7.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Auth-2.1.12-1.fc22 (FEDORA-2016-06c103d8ee)
Horde Authentication API
--------------------------------------------------------------------------------
Update Information:
**Horde_Auth 2.1.12** * [mjr] Fix creating/removing mailbox in cyrsql driver
(Bug #14295, federico.mennite).
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.7.3-1.fc22 (FEDORA-2016-717931e7e5)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt 2.7.3** * [jan] Work around broken PGP key servers.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Css-Parser-1.0.9-1.fc22 (FEDORA-2016-d84c0c01f5)
Horde CSS Parser
--------------------------------------------------------------------------------
Update Information:
**Horde_Css_Parser 1.0.9** * [jan] Update to PHP-CSS-Parser 7.0.2 (Request
#14297). --- **PHP-CSS-Parser 7.0.2** * Compatibility with PHP 7.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Dav-1.1.3-1.fc22 (FEDORA-2016-43c57b0a30)
Horde library for WebDAV, CalDAV, CardDAV
--------------------------------------------------------------------------------
Update Information:
**Horde_Dav 1.1.3** * [jan] Fix down migration of database schema.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Kolab-Storage-2.2.2-1.fc22 (FEDORA-2016-e1a11d9a97)
A package for handling Kolab data stored on an IMAP server
--------------------------------------------------------------------------------
Update Information:
**Horde_Kolab_Storage 2.2.2** * [jan] Update Greek translation (Limperis
Antonis).
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-ListHeaders-1.2.4-1.fc22 (FEDORA-2016-0d537b6350)
Horde List Headers Parsing Library
--------------------------------------------------------------------------------
Update Information:
**Horde_ListHeaders 1.2.4** * [jan] Add Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Log-2.2.0-1.fc22 (FEDORA-2016-c92418ff52)
Horde Logging library
--------------------------------------------------------------------------------
Update Information:
**Horde_Log 2.2.0** * [jan] Add a few common aliases for the log level
constants. * [jan] Allow to have multiple log level names with the same value.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Nls-2.2.0-1.fc22 (FEDORA-2016-ffdaf8b9e2)
Native Language Support (NLS)
--------------------------------------------------------------------------------
Update Information:
**Horde_Nls 2.2.0** * [jan] Add Horde_Nls::getTimezonesWithAbbreviations(). *
[jan] Update Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-SyncMl-2.0.7-1.fc22 (FEDORA-2016-735e13817e)
Horde_SyncMl provides an API for processing SyncML requests
--------------------------------------------------------------------------------
Update Information:
**Horde_SyncMl 2.0.7** * [jan] Update Greek translation (Limperis Antonis).
--------------------------------------------------------------------------------
================================================================================
php-horde-imp-6.2.14-1.fc22 (FEDORA-2016-7dfd84986c)
A web based webmail system
--------------------------------------------------------------------------------
Update Information:
**imp 6.2.14** * [mjr] Fix renaming subfolders in basic view (Bug #14254). *
[mjr] Fix display of mailbox sizes in basic view (Bug #14308). * [mjr] Fix fatal
error when deleting messages in basic view when IMAP server does not support
QRESYNC or CONDSTORE (Bug #14257).
--------------------------------------------------------------------------------
================================================================================
php-horde-ingo-3.2.10-1.fc22 (FEDORA-2016-7ef501d55a)
An email filter rules manager
--------------------------------------------------------------------------------
Update Information:
**ingo 3.2.10** * [jan] Don't duplicate messages in Procmail's vacation recipe
if excluding email addresses (Michael.Martin, Bug #14275). * [jan] Remove stop-
script feature from Procmail driver.
--------------------------------------------------------------------------------
================================================================================
php-horde-nag-4.2.9-1.fc22 (FEDORA-2016-c78f14a4ff)
A web based task list manager
--------------------------------------------------------------------------------
Update Information:
**nag 4.2.9** * [jan] Fix regression with date picker in tasks form (Bug
#14303). * [mjr] Fix handling EAS categories/tags.
--------------------------------------------------------------------------------
================================================================================
php-horde-turba-4.2.14-1.fc22 (FEDORA-2016-eb782808ef)
A web based address book
--------------------------------------------------------------------------------
Update Information:
**turba 4.2.14** * [mjr] Fix persisting tags when moving or copying a contact
to another address book (Bug #14312). * [mjr] Fix resetting state when changing
sync_book prefs and device has forced multiplex. * [mjr] Fix synchronizing
contact notes via ActiveSync when no truncation value is requested by the client
(Bug #14307).
--------------------------------------------------------------------------------
================================================================================
php-paragonie-random-compat-1.4.1-1.fc22 (FEDORA-2016-e4a54efa7f)
PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:
### Version 1.4.1 - 2016-03-18 * Update comment in random.php ### Version
1.4.0 - 2016-03-18 * Restored OpenSSL in the version 1 branch in preparation to
remove OpenSSL in version 2. ### Version 1.3.1/1.2.3 - 2016-03-18 * Add more
possible values to `open_baseir` check. ### Version 1.3.0 - 2016-03-17 *
Removed `openssl_random_pseudo_bytes()` entirely. If you are using
random_compat in PHP on a Unix-like OS but cannot access `/dev/urandom`,
version 1.3+ will throw an `Exception`. If you want to trust OpenSSL, feel
free to write your own fallback code. e.g. ``` try { $bytes =
random_bytes(32); } catch (Exception $ex) { $strong = false;
$bytes = openssl_random_pseudo_bytes(32, $strong); if (!$strong) {
throw $ex; } } ```
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1318836 - php-paragonie-random-compat-2.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1318836
--------------------------------------------------------------------------------
================================================================================
php-symfony-2.7.11-2.fc22 (FEDORA-2016-68b347345b)
PHP framework for web projects
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.11** (2016-03-25) * bug #18255 [HttpFoundation] Fix support of
custom mime types with parameters (Ener-Getick) * bug #18272 [Bridge\PhpUnit]
Workaround old phpunit bug, no colors in weak mode, add tests (nicolas-grekas)
* bug #18259 [PropertyAccess] Backport fixes from 2.7 (nicolas-grekas) * bug
#18261 [PropertyAccess] Fix isPropertyWritable not using the reflection cache
(nicolas-grekas) * bug #18224 [PropertyAccess] Remove most ref mismatches to
improve perf (nicolas-grekas) * bug #18210 [PropertyAccess] Throw an
UnexpectedTypeException when the type do not match (dunglas, nicolas-grekas) *
bug #18216 [Intl] Fix invalid numeric literal on PHP 7 (nicolas-grekas) * bug
#18147 [Validator] EmailValidator cannot extract hostname if email contains
multiple @ symbols (natechicago) * bug #18023 [Process] getIncrementalOutput
should work without calling getOutput (romainneutron) * bug #18175
[Translation] Add support for fuzzy tags in PoFileLoader (nud) * bug #18179
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big
integers (ovrflo, nicolas-grekas) * bug #18164 [HttpKernel] set s-maxage only
if all responses are cacheable (xabbuh) * bug #18150 [Process] Wait a bit less
on Windows (nicolas-grekas) * bug #18130 [Debug] Replaced logic for detecting
filesystem case sensitivity (Dan Blows) * bug #18080 [HttpFoundation] Set the
Content-Range header if the requested Range is unsatisfied (jakzal) * bug
#18084 [HttpFoundation] Avoid warnings when checking malicious IPs (jakzal) *
bug #18066 [Process] Fix pipes handling (nicolas-grekas) * bug #18078 [Console]
Fix an autocompletion question helper issue with non-sequentially indexed
choices (jakzal) * bug #18048 [HttpKernel] Fix mem usage when stripping the
prod container (nicolas-grekas) * bug #18065 [Finder] Partially revert #17134
to fix a regression (jakzal) * bug #18018 [HttpFoundation] exception when
registering bags for started sessions (xabbuh) * bug #18054 [Filesystem] Fix
false positive in ->remove() (nicolas-grekas) * bug #18049 [Validator] Fix the
locale validator so it treats a locale alias as a valid locale (jakzal) * bug
#18019 [Intl] Update ICU to version 55 (jakzal) * bug #18015 [Process] Fix
memory issue when using large input streams (romainneutron) * bug #16656
[HttpFoundation] automatically generate safe fallback filename (xabbuh) * bug
#15794 [Console] default to stderr in the console helpers (alcohol) * bug
#17984 Allow to normalize \Traversable when serializing xml (Ener-Getick) * bug
#17434 Improved the error message when a template is not found (rvanginneken,
javiereguiluz) * bug #17687 Improved the error message when using "@" in a
decorated service (javiereguiluz) * bug #17744 Improve error reporting in
router panel of web profiler (javiereguiluz) * bug #17894 [FrameworkBundle] Fix
a regression in handling absolute template paths (jakzal) * bug #17990
[DoctrineBridge][Form] Fix performance regression in EntityType (kimlai) * bug
#17595 [HttpKernel] Remove _path from query parameters when fragment is a
subrequest (cmenning) * bug #17986 [DomCrawler] Dont use LIBXML_PARSEHUGE by
default (nicolas-grekas) * bug #17668 add 'guid' to list of exception to filter
out (garak) * bug #17615 Ensure backend slashes for symlinks on Windows systems
(cpsitgmbh) * bug #17626 Try to delete broken symlinks (IchHabRecht) * bug
#17978 [Yaml] ensure dump indentation to be greather than zero (xabbuh) * bug
#16886 [Form] [ChoiceType] Prefer placeholder to empty_value (boite) * bug
#17976 [WebProfilerBundle] fix debug toolbar rendering by removing inadvertently
added links (craue) * bug #17971 Variadic controller params (NiR-, fabpot) *
bug #17568 Improved Bootstrap form theme for hidden fields (javiereguiluz) *
bug #17925 [Bridge] The WebProcessor now forwards the client IP (magnetik)
--------------------------------------------------------------------------------
================================================================================
python-breathe-4.2.0-1.fc22 (FEDORA-2016-9eabd21ea8)
Adds support for Doxygen xml output to reStructuredText and Sphinx
--------------------------------------------------------------------------------
Update Information:
Rename of
[
breathe](https://admin.fedoraproject.org/pkgdb/package/rpms/breathe/).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1321438 - Review Request: python-breathe - Doxygen xml output to
reStructuredText
https://bugzilla.redhat.com/show_bug.cgi?id=1321438
--------------------------------------------------------------------------------
================================================================================
squid-3.5.10-2.fc22 (FEDORA-2016-d19ed2f80d)
The Squid proxy caching server
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-3947 and CVE-2016-3948
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1323594 - CVE-2016-3948 squid: denial of service issue in HTTP response
processing
https://bugzilla.redhat.com/show_bug.cgi?id=1323594
[ 2 ] Bug #1323590 - CVE-2016-3947 squid: buffer overrun in Squid proxy pinger
https://bugzilla.redhat.com/show_bug.cgi?id=1323590
--------------------------------------------------------------------------------
================================================================================
sysreporter-3.0.3-1.fc22 (FEDORA-2016-e73e4ca126)
Basic system reporter with emailing
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.3
--------------------------------------------------------------------------------
================================================================================
wavpack-4.75.2-1.fc22 (FEDORA-2016-50cc0dbbde)
A completely open audiocodec
--------------------------------------------------------------------------------
Update Information:
Update to 4.75.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218453 - wavpack-4.80.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1218453
--------------------------------------------------------------------------------
================================================================================
webkitgtk-2.4.10-2.fc22 (FEDORA-2016-3fd3e8bb3f)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update fixes a regression causing various crashes in various WebKitGTK+
consumers.
--------------------------------------------------------------------------------
================================================================================
webkitgtk3-2.4.10-2.fc22 (FEDORA-2016-060be75c14)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update fixes a regression causing various crashes in Evolution and other
WebKitGTK+ consumers. ---- This update addresses the following
vulnerabilities: * [
CVE-2015-1120](https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2015-1120) * [
CVE-2015-1076](https://cve.mitre.org
/cgi-bin/cvename.cgi?name=CVE-2015-1076) *
[
CVE-2015-1071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071) *
[
CVE-2015-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081) *
[
CVE-2015-1122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122) *
[
CVE-2015-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155) *
[
CVE-2014-1748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748) *
[
CVE-2015-3752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752) *
[
CVE-2015-5809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809) *
[
CVE-2015-5928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928) *
[
CVE-2015-3749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749) *
[
CVE-2015-3659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659) *
[
CVE-2015-3748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748) *
[
CVE-2015-3743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743) *
[
CVE-2015-3731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731) *
[
CVE-2015-3745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745) *
[
CVE-2015-5822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822) *
[
CVE-2015-3658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658) *
[
CVE-2015-3741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741) *
[
CVE-2015-3727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727) *
[
CVE-2015-5801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801) *
[
CVE-2015-5788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788) *
[
CVE-2015-3747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747) *
[
CVE-2015-5794](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794) *
[
CVE-2015-1127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127) *
[
CVE-2015-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153) *
[
CVE-2015-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083)
Additional fixes: * Fix rendering of form controls and scrollbars with GTK+ >=
3.19 * Fix crashes on PowerPC 64. * Fix the build on PowerPC 32. * Add ARM64
build support. Translation updates * German * Spanish * French * Italian
* Korean * Brazilian Portuguese * Russian * Chinese.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1321722 - [abrt] evolution: WTF::StringImpl::startsWith(): SIGSEGV with
webkitgtk3-2.4.10
https://bugzilla.redhat.com/show_bug.cgi?id=1321722
--------------------------------------------------------------------------------
================================================================================
znc-1.6.3-1.fc22 (FEDORA-2016-937d5e68d3)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.3
--------------------------------------------------------------------------------