The following Fedora 22 Security updates need testing:
Age URL
390
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
339
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
272
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
226
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
215
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
184
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
166
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
166
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
148
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
133
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
107
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
83
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
72
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
64
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
60
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
55
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29
libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d
squid-3.5.10-2.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79
kernel-4.4.8-200.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4
perl-5.20.3-330.fc22
10
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
10
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1aaf308de4
community-mysql-5.6.30-1.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd7a31d36
pgpdump-0.30-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0431acaa78
quassel-0.12.4-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e205218629 php-5.6.21-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9851b69dbb
openvas-cli-1.4.4-1.fc22 openvas-gsa-6.0.10-3.fc22 openvas-libraries-8.0.7-2.fc22
openvas-manager-6.0.8-2.fc22 openvas-scanner-5.0.5-3.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe0d8f126a
botan-1.10.13-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-777d838c1b
ntp-4.2.6p5-40.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e39d934ed
openssl-1.0.1k-15.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
265
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
184
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
166
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
166
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
90
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
72
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
61
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
48
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
17
https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4
libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22
16
https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b
pygtk2-2.24.0-14.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e3334638
gnome-shell-3.16.4-2.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4
perl-5.20.3-330.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-83b47a28ce
wavpack-4.80.0-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79
kernel-4.4.8-200.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8
lldpad-1.0.1-4.git036e314.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-476f32d4ec
evolution-ews-3.16.5-2.fc22 libsoup-2.50.0-2.fc22
10
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc848e483a
xulrunner-44.0-6.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad6926a3c8
firefox-46.0-5.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1e39d934ed
openssl-1.0.1k-15.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-828f77de70
samba-4.2.12-0.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3e64b32a91 dhcp-4.3.2-8.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e99389f35d
openssh-6.9p1-12.fc22
The following builds have been pushed to Fedora 22 updates-testing
gimagereader-3.1.91-1.fc22
lightdm-1.10.6-4.fc22
openssl-1.0.1k-15.fc22
pam_yubico-2.21-2.fc22
perl-Makefile-Parser-0.216-4.fc22
php-solarium-3.6.0-1.fc22
python-pysocks-1.5.6-2.fc22
python-requests-2.10.0-1.fc22
python-urllib3-1.15.1-1.fc22
samba-4.2.12-0.fc22
wine-1.9.9-1.fc22
ykclient-2.15-1.fc22
Details about builds:
================================================================================
gimagereader-3.1.91-1.fc22 (FEDORA-2016-5fd6c0c179)
A front-end to tesseract-ocr
--------------------------------------------------------------------------------
Update Information:
Update to version 3.1.91, see
https://github.com/manisandro/gImageReader/releases/tag/v3.1.91 for details.
---- Update to version 3.1.90, see
https://github.com/manisandro/gImageReader/releases/tag/v3.1.90 for details.
--------------------------------------------------------------------------------
================================================================================
lightdm-1.10.6-4.fc22 (FEDORA-2016-258f25d58f)
A cross-desktop Display Manager
--------------------------------------------------------------------------------
Update Information:
Backport upstream fix for errors connecting to XServer via ipv6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1322775 - lightdm-1.10.6-2 breaks XDMCP: Error connecting to XServer via
ipv6
https://bugzilla.redhat.com/show_bug.cgi?id=1322775
--------------------------------------------------------------------------------
================================================================================
openssl-1.0.1k-15.fc22 (FEDORA-2016-1e39d934ed)
Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1331536
[ 2 ] Bug #1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1331441
[ 3 ] Bug #1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check
https://bugzilla.redhat.com/show_bug.cgi?id=1331426
[ 4 ] Bug #1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder
https://bugzilla.redhat.com/show_bug.cgi?id=1331402
--------------------------------------------------------------------------------
================================================================================
pam_yubico-2.21-2.fc22 (FEDORA-2016-0361bf0584)
A Pluggable Authentication Module for yubikeys
--------------------------------------------------------------------------------
Update Information:
Update yubikey packages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1265220 - pam_yubico-2.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1265220
[ 2 ] Bug #1312659 - pam_yubico upgrade also requires ykclient upgrade to 2.15
https://bugzilla.redhat.com/show_bug.cgi?id=1312659
--------------------------------------------------------------------------------
================================================================================
perl-Makefile-Parser-0.216-4.fc22 (FEDORA-2016-3a78ed4382)
Simple parser for Makefiles
--------------------------------------------------------------------------------
Update Information:
Update to 0.216
--------------------------------------------------------------------------------
================================================================================
php-solarium-3.6.0-1.fc22 (FEDORA-2016-b4a028df82)
Solarium PHP Solr client library
--------------------------------------------------------------------------------
Update Information:
**Version 3.6.0** - 2016-05-03 * improvement: no longer allow failures for
HHVM in continuous integration * improvement: added Symfony 3.x components to
CI tests for PHP 5.5+ * added: support for replicas in distributed search *
added: support for multiple boost queries in dismax * added: support for
additional stats values like percentiles * improvement: several typo / markup
fixes in documentation * improvement: several docblock fixes *
improvement: ClientInterface now also used for standard Client class
--------------------------------------------------------------------------------
================================================================================
python-pysocks-1.5.6-2.fc22 (FEDORA-2016-a5e7a7d75b)
A Python SOCKS client module
--------------------------------------------------------------------------------
Update Information:
Latest upstream of python-requests and python-urllib3. Includes new package,
python-pysocks. -
https://github.com/kennethreitz/requests/blob/master/HISTORY.rst -
https://github.com/shazow/urllib3/blob/master/CHANGES.rst
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1332206 - Review Request: python-pysocks - A Python SOCKS client module
https://bugzilla.redhat.com/show_bug.cgi?id=1332206
[ 2 ] Bug #1331001 - Hostname with IPv6 address returning status code 400 BAD request
https://bugzilla.redhat.com/show_bug.cgi?id=1331001
[ 3 ] Bug #1295402 - python-urllib3-1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1295402
[ 4 ] Bug #1296769 - python-urllib3-1.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296769
[ 5 ] Bug #1331907 - python-requests-2.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331907
--------------------------------------------------------------------------------
================================================================================
python-requests-2.10.0-1.fc22 (FEDORA-2016-a5e7a7d75b)
HTTP library, written in Python, for human beings
--------------------------------------------------------------------------------
Update Information:
Latest upstream of python-requests and python-urllib3. Includes new package,
python-pysocks. -
https://github.com/kennethreitz/requests/blob/master/HISTORY.rst -
https://github.com/shazow/urllib3/blob/master/CHANGES.rst
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1332206 - Review Request: python-pysocks - A Python SOCKS client module
https://bugzilla.redhat.com/show_bug.cgi?id=1332206
[ 2 ] Bug #1331001 - Hostname with IPv6 address returning status code 400 BAD request
https://bugzilla.redhat.com/show_bug.cgi?id=1331001
[ 3 ] Bug #1295402 - python-urllib3-1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1295402
[ 4 ] Bug #1296769 - python-urllib3-1.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296769
[ 5 ] Bug #1331907 - python-requests-2.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331907
--------------------------------------------------------------------------------
================================================================================
python-urllib3-1.15.1-1.fc22 (FEDORA-2016-a5e7a7d75b)
Python HTTP library with thread-safe connection pooling and file post
--------------------------------------------------------------------------------
Update Information:
Latest upstream of python-requests and python-urllib3. Includes new package,
python-pysocks. -
https://github.com/kennethreitz/requests/blob/master/HISTORY.rst -
https://github.com/shazow/urllib3/blob/master/CHANGES.rst
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1332206 - Review Request: python-pysocks - A Python SOCKS client module
https://bugzilla.redhat.com/show_bug.cgi?id=1332206
[ 2 ] Bug #1331001 - Hostname with IPv6 address returning status code 400 BAD request
https://bugzilla.redhat.com/show_bug.cgi?id=1331001
[ 3 ] Bug #1295402 - python-urllib3-1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1295402
[ 4 ] Bug #1296769 - python-urllib3-1.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296769
[ 5 ] Bug #1331907 - python-requests-2.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331907
--------------------------------------------------------------------------------
================================================================================
samba-4.2.12-0.fc22 (FEDORA-2016-828f77de70)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.2.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327761 - Domain authentication broken after 4.2.11/4.3.8/4.4.2 security
update
https://bugzilla.redhat.com/show_bug.cgi?id=1327761
--------------------------------------------------------------------------------
================================================================================
wine-1.9.9-1.fc22 (FEDORA-2016-05dbe62bea)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
- More work towards the WineD3D command stream. - Service proxies in
WebServices. - Query support in the builtin reg.exe utility. - Improved
support for long URLs in WinInet. - Various bug fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331910 - wine-1.9.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331910
--------------------------------------------------------------------------------
================================================================================
ykclient-2.15-1.fc22 (FEDORA-2016-0361bf0584)
Yubikey management library and client
--------------------------------------------------------------------------------
Update Information:
Update yubikey packages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1265220 - pam_yubico-2.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1265220
[ 2 ] Bug #1312659 - pam_yubico upgrade also requires ykclient upgrade to 2.15
https://bugzilla.redhat.com/show_bug.cgi?id=1312659
--------------------------------------------------------------------------------