The following Fedora 22 Security updates need testing:
Age URL
250
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
199
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
132
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
116
https://bodhi.fedoraproject.org/updates/FEDORA-2015-1aee5e6f0b
conntrack-tools-1.4.2-9.fc22
86
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
80
https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d
squid-3.4.13-3.fc22
80
https://bodhi.fedoraproject.org/updates/FEDORA-2015-be2c11d456
subversion-1.8.14-1.fc22
75
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
73
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088
python-pymongo-3.0.3-1.fc22
50
https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87
ntp-4.2.6p5-34.fc22
44
https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7
python-pygments-2.0.2-3.fc22
44
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8413bdd343 abrt-2.6.1-7.fc22
18
https://bodhi.fedoraproject.org/updates/FEDORA-2015-89468612f5
jenkins-1.609.3-4.fc22
16
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-36.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d64c257cf
thunderbird-38.4.0-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3461e976cb
libpng10-1.0.65-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2015-d5cc306730 p7zip-15.09-4.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2015-39522bb8c9
php-PHPMailer-5.2.14-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2015-020f4b9400
xsupplicant-2.2.0-13.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2015-686f289aa5 qemu-2.3.1-8.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2015-233750b6ab
libpng15-1.5.25-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b406a8e4f2 qemu-2.3.1-9.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8dd01b09a9
arts-1.5.10-30.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2f4b92ed2e
kdelibs3-3.5.10-71.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-08e4af5a20 xen-4.5.2-5.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-90c27b6e91
grub2-2.02-0.18.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-463143720f
shellinabox-2.19-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2015-20df66892b
gwenhywfar-4.13.1-5.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7ca4368b0c
activemq-5.6.0-14.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-998911cf3f
cups-filters-1.4.0-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8b6882339c
nodejs-handlebars-4.0.5-1.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
126
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
111
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22
44
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
41
https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22
38
https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b
livecd-tools-22.3-1.fc22
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-82b7665427 koji-1.10.1-1.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc06edc85
NetworkManager-vpnc-1.0.8-1.fc22 NetworkManager-openconnect-1.0.8-1.fc22
NetworkManager-openvpn-1.0.8-1.fc22 NetworkManager-openswan-1.0.8-1.fc22
NetworkManager-fortisslvpn-1.0.8-1.fc22 NetworkManager-1.0.8-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f194dc9900
librsvg2-2.40.12-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d64c257cf
thunderbird-38.4.0-1.fc22
10
https://bodhi.fedoraproject.org/updates/FEDORA-2015-4daef06c07
nautilus-3.16.3-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f03bcc3731
perl-libwww-perl-6.15-1.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2015-1b2b67ac30
gnome-online-accounts-3.16.5-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3c934e07c3
kdelibs-4.14.14-4.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8083abc683
selinux-policy-3.13.1-128.22.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-d68f8a1cba lua-5.3.2-2.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-c2041fe5a6
gtk2-2.24.29-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-1c93bbd1a7
sqlite-3.9.0-2.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-473007accf
util-linux-2.26.2-4.fc22
The following builds have been pushed to Fedora 22 updates-testing
activemq-5.6.0-14.fc22
cups-filters-1.4.0-1.fc22
emerald-0.8.9-2.fc22
gambas3-3.8.4-1.fc22
jpnevulator-2.3.1-1.fc22
libinput-1.1.3-1.fc22
lis-1.5.59-1.fc22
nodejs-base64-url-1.2.1-2.fc22
nodejs-builtin-modules-1.1.0-1.fc22
nodejs-dashdash-1.10.1-1.fc22
nodejs-escape-string-regexp-1.0.3-2.fc22
nodejs-fd-0.0.2-1.fc22
nodejs-fd-0.0.2-2.fc22
nodejs-graceful-readlink-1.0.1-1.fc22
nodejs-handlebars-4.0.5-1.fc22
nodejs-has-ansi-2.0.0-1.fc22
nodejs-inherit-2.2.2-2.fc22
nodejs-rndm-1.2.0-1.fc22
perl-App-FatPacker-0.010005-1.fc22
perl-CPAN-2.05-310.fc22
perl-File-BOM-0.15-1.fc22
php-solarium-3.5.0-1.fc22
python-parse_type-0.3.4-5.fc22
rabbitmq-server-3.5.7-1.fc22
skylable-sx-2.0-1.fc22
sysreporter-3.0.0-0.1.alpha3.fc22
tintin-2.01.1-3.fc22
uwsgi-2.0.11.2-7.fc22
vagrant-registration-1.1.0-2.fc22
wine-1.8-0.2.fc22
Details about builds:
================================================================================
activemq-5.6.0-14.fc22 (FEDORA-2015-7ca4368b0c)
Open source messaging and Integration Patterns server
--------------------------------------------------------------------------------
Update Information:
fix for CVE-2015-5254 (rhbz#1291292,1291293)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291292 - CVE-2015-5254 activemq: unsafe deserialization
https://bugzilla.redhat.com/show_bug.cgi?id=1291292
--------------------------------------------------------------------------------
================================================================================
cups-filters-1.4.0-1.fc22 (FEDORA-2015-998911cf3f)
OpenPrinting CUPS filters and backends
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2015-8560
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291227 - CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon
as illegal shell escape character
https://bugzilla.redhat.com/show_bug.cgi?id=1291227
--------------------------------------------------------------------------------
================================================================================
emerald-0.8.9-2.fc22 (FEDORA-2015-a0553d3989)
Themeable window decorator and compositing manager for Compiz
--------------------------------------------------------------------------------
Update Information:
- fix rhbz (#1291897)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291897 - install of compiz-xfce conflicts with emerald
https://bugzilla.redhat.com/show_bug.cgi?id=1291897
--------------------------------------------------------------------------------
================================================================================
gambas3-3.8.4-1.fc22 (FEDORA-2015-9fe0467f18)
IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:
Update to 3.8.4
--------------------------------------------------------------------------------
================================================================================
jpnevulator-2.3.1-1.fc22 (FEDORA-2015-cc110e5be4)
Serial line sniffer including very simple terminal emulator
--------------------------------------------------------------------------------
Update Information:
This is new version of jpnevulator. For details see upstream news:
https://jpnevulator.snarl.nl/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291672 - jpnevulator-2.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1291672
--------------------------------------------------------------------------------
================================================================================
libinput-1.1.3-1.fc22 (FEDORA-2015-b8f71b31d1)
Input device library
--------------------------------------------------------------------------------
Update Information:
libinput 1.1.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1264453 - Thinkpad X220 touchpad movement is jumpy and extremely imprecise
https://bugzilla.redhat.com/show_bug.cgi?id=1264453
--------------------------------------------------------------------------------
================================================================================
lis-1.5.59-1.fc22 (FEDORA-2015-a7a4006f27)
A library for solving linear equations and eigenvalue problems
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.59
--------------------------------------------------------------------------------
================================================================================
nodejs-base64-url-1.2.1-2.fc22 (FEDORA-2015-ac036635fe)
Base64 encode, decode, escape and unescape for URL applications
--------------------------------------------------------------------------------
Update Information:
Use versioned test instead of hash, and remove test.js from installed files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1278152 - Review Request: nodejs-base64-url - Base64 utilities for url
applications
https://bugzilla.redhat.com/show_bug.cgi?id=1278152
--------------------------------------------------------------------------------
================================================================================
nodejs-builtin-modules-1.1.0-1.fc22 (FEDORA-2015-790bd52db0)
List of the Node.js builtin modules
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291353 - Review Request: nodejs-builtin-modules - List of the Node.js
builtin modules
https://bugzilla.redhat.com/show_bug.cgi?id=1291353
--------------------------------------------------------------------------------
================================================================================
nodejs-dashdash-1.10.1-1.fc22 (FEDORA-2015-04da2c30bd)
A light, featureful and explicit option parsing library for node.js
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291076 - Review Request: nodejs-dashdash - A light, featureful and explicit
option parsing library for node.js
https://bugzilla.redhat.com/show_bug.cgi?id=1291076
--------------------------------------------------------------------------------
================================================================================
nodejs-escape-string-regexp-1.0.3-2.fc22 (FEDORA-2015-7bf11a2625)
Escape RegExp special characters
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291364 - Review Request: nodejs-escape-string-regexp - Escape RegExp special
characters
https://bugzilla.redhat.com/show_bug.cgi?id=1291364
--------------------------------------------------------------------------------
================================================================================
nodejs-fd-0.0.2-1.fc22 (FEDORA-2015-25950482e7)
File descriptor manager for Node.js
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1258222 - Review Request: nodejs-fd - File descriptor manager for Node.js
https://bugzilla.redhat.com/show_bug.cgi?id=1258222
--------------------------------------------------------------------------------
================================================================================
nodejs-fd-0.0.2-2.fc22 (FEDORA-2015-6b847c09fb)
File descriptor manager for Node.js
--------------------------------------------------------------------------------
Update Information:
Increase timeout in check for slow arm builders
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1258222 - Review Request: nodejs-fd - File descriptor manager for Node.js
https://bugzilla.redhat.com/show_bug.cgi?id=1258222
--------------------------------------------------------------------------------
================================================================================
nodejs-graceful-readlink-1.0.1-1.fc22 (FEDORA-2015-857ef4239e)
The graceful fs.readlink functionality
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291390 - Review Request: nodejs-graceful-readlink - The graceful fs.readlink
functionality
https://bugzilla.redhat.com/show_bug.cgi?id=1291390
--------------------------------------------------------------------------------
================================================================================
nodejs-handlebars-4.0.5-1.fc22 (FEDORA-2015-8b6882339c)
Mustache extension for Node.js
--------------------------------------------------------------------------------
Update Information:
Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes
in Templates can lead to Content Injection ---- New upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to
Content Injection
https://bugzilla.redhat.com/show_bug.cgi?id=1291742
--------------------------------------------------------------------------------
================================================================================
nodejs-has-ansi-2.0.0-1.fc22 (FEDORA-2015-556e5184f4)
Check if a string has ANSI escape codes
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291391 - Review Request: nodejs-has-ansi - Check if a string has ANSI escape
codes
https://bugzilla.redhat.com/show_bug.cgi?id=1291391
--------------------------------------------------------------------------------
================================================================================
nodejs-inherit-2.2.2-2.fc22 (FEDORA-2015-d52974f4af)
Inheritance module for Node.js and browsers
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291400 - Review Request: nodejs-inherit - Inheritance module for Node.js and
browsers
https://bugzilla.redhat.com/show_bug.cgi?id=1291400
--------------------------------------------------------------------------------
================================================================================
nodejs-rndm-1.2.0-1.fc22 (FEDORA-2015-5cc7bb191b)
Random string generator
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1278150 - Review Request: nodejs-rndm - Random string generator
https://bugzilla.redhat.com/show_bug.cgi?id=1278150
--------------------------------------------------------------------------------
================================================================================
perl-App-FatPacker-0.010005-1.fc22 (FEDORA-2015-80d197d4e6)
Pack dependencies onto a script file
--------------------------------------------------------------------------------
Update Information:
This release fixes compatibility with Perl 5.6 and corrects build metadata.
--------------------------------------------------------------------------------
================================================================================
perl-CPAN-2.05-310.fc22 (FEDORA-2015-63a85875e6)
Query, download and build perl modules from CPAN sites
--------------------------------------------------------------------------------
Update Information:
This release adds dependency on make because it's needed when building ExtUtils
::MakeMaker-driven distributions.
--------------------------------------------------------------------------------
================================================================================
perl-File-BOM-0.15-1.fc22 (FEDORA-2015-4d36da9e50)
Utilities for handling Byte Order Marks
--------------------------------------------------------------------------------
Update Information:
A new version of File::BOM is available. This release fixes documentation
spelling errors.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291662 - perl-File-BOM-0.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1291662
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.5.0-1.fc22 (FEDORA-2015-12caf0baa0)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
**Version 3.5.0** - 2015-12-09 - improvement: lots of code style fixes -
improvement: refactored 'base' plugin class to AbstractPlugin - improvement:
removed old PHP environments for Travis, added PHP7 - improvement: set license
to a valid SPDX license identifier - bugfix: PHAR generator updated to support
namespacing - bugfix: Collations broken for Solr 5 data format - added: Make it
possible to bypass (system-wide) proxy setting in Curl adapter - improvement:
Added SensioLabs Insight (including lots of fixed in the code based on report) -
added: ClientInterface - improvement: Set hard paths in .gitignore to prevent
tree lookups - added: Support for facet.contains settings - improvement: updated
Symfony event dispatcher dependency to a maintained version - added: docs in
repository (markdown format)
--------------------------------------------------------------------------------
================================================================================
python-parse_type-0.3.4-5.fc22 (FEDORA-2015-f373c3f64c)
Simplifies to build parse types based on the parse module
--------------------------------------------------------------------------------
Update Information:
Remove unnecessary dependency on python-enum34 for python3 (#1286457)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1286457 - python3-parse_type requires python3-enum34, but enum is built into
python3
https://bugzilla.redhat.com/show_bug.cgi?id=1286457
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-3.5.7-1.fc22 (FEDORA-2015-ed8f063e6f)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
* Ver. 3.5.7
--------------------------------------------------------------------------------
================================================================================
skylable-sx-2.0-1.fc22 (FEDORA-2015-11751c65a9)
A reliable and scalable storage cluster
--------------------------------------------------------------------------------
Update Information:
new upstream release SX 2.0
--------------------------------------------------------------------------------
================================================================================
sysreporter-3.0.0-0.1.alpha3.fc22 (FEDORA-2015-fdc485236d)
Basic system reporter with emailing
--------------------------------------------------------------------------------
Update Information:
Initial build of sysreporter
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291459 - Review Request: sysreporter - Basic system reporter with emailing
https://bugzilla.redhat.com/show_bug.cgi?id=1291459
--------------------------------------------------------------------------------
================================================================================
tintin-2.01.1-3.fc22 (FEDORA-2015-e1eb4ca217)
TinTin++, aka tt++, is a free MUD client
--------------------------------------------------------------------------------
Update Information:
This update enables GnuTLS support in Fedora's tintin++.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291508 - tintin is not compiled with gnutls.
https://bugzilla.redhat.com/show_bug.cgi?id=1291508
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.11.2-7.fc22 (FEDORA-2015-2fdab81a7a)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
Adding source to -devel package ---- Latest stable
--------------------------------------------------------------------------------
================================================================================
vagrant-registration-1.1.0-2.fc22 (FEDORA-2015-c98e2f7c62)
Automatic guest registration for Vagrant
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.0
--------------------------------------------------------------------------------
================================================================================
wine-1.8-0.2.fc22 (FEDORA-2015-6306d811b5)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
**Wine 1.8-rc4** Enabled compiler optimizations since GCC 5.3 claims to fix the
issues introduced in GCC 5.0. Please test every app you can to verify that
compiler optimizations have not broken anything. **Wine 1.8-rc3** Bug fixes.
Code freeze, working towards 1.8 release.
--------------------------------------------------------------------------------