The following Fedora 22 Security updates need testing:
Age URL
388
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
337
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
270
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
224
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
212
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
182
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
164
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
164
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
146
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
131
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
105
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
81
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
70
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
62
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
57
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
53
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29
libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
24
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d19ed2f80d
squid-3.5.10-2.fc22
18
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79
kernel-4.4.8-200.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4
perl-5.20.3-330.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1aaf308de4
community-mysql-5.6.30-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a5ce6a6c0
cacti-0.8.8g-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6fd7a31d36
pgpdump-0.30-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e205218629 php-5.6.21-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9851b69dbb
openvas-cli-1.4.4-1.fc22 openvas-gsa-6.0.10-3.fc22 openvas-libraries-8.0.7-2.fc22
openvas-manager-6.0.8-2.fc22 openvas-scanner-5.0.5-3.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe0d8f126a
botan-1.10.13-1.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
263
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
182
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
164
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
164
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
88
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
70
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
59
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
46
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
26
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d4b68e412
imlib2-1.4.8-1.fc22
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1576899f4e
gnome-settings-daemon-3.16.5-1.fc22
18
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc
poppler-0.30.0-4.fc22
18
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a18dc43d88
control-center-3.16.4-1.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4
libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b
pygtk2-2.24.0-14.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-695843b69a
hwdata-0.288-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1122e53c5a expat-2.1.1-1.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-89e3334638
gnome-shell-3.16.4-2.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a9313e4b4
perl-5.20.3-330.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-83b47a28ce
wavpack-4.80.0-1.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-373c063e79
kernel-4.4.8-200.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-41df7ccbc8
lldpad-1.0.1-4.git036e314.fc22
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-476f32d4ec
evolution-ews-3.16.5-2.fc22 libsoup-2.50.0-2.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1bad2b755
thunderbird-45.0-2.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-927aade89c
rpm-4.12.0.1-17.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d6cbcadca gd-2.1.1-3.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc848e483a
xulrunner-44.0-6.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad6926a3c8
firefox-46.0-5.fc22
The following builds have been pushed to Fedora 22 updates-testing
botan-1.10.13-1.fc22
libraqm-0.1.1-1.fc22
libxmp-4.3.13-1.fc22
pbuilder-0.224-1.fc22
perl-Monotone-AutomateStdio-1.10-1.fc22
php-ZendFramework-1.12.18-1.fc22
pyliblo-0.10.0-1.fc22
python-rpi-gpio-0.6.1-1.fc22
python-xmltodict-0.10.1-1.fc22
texworks-0.6.1-1.fc22
tinc-1.0.28-1.fc22
yad-0.36.2-1.fc22
Details about builds:
================================================================================
botan-1.10.13-1.fc22 (FEDORA-2016-fe0d8f126a)
Crypto library written in C++
--------------------------------------------------------------------------------
Update Information:
From the upstream release notes: Botan 1.10.13 has been released backporting
some side channel protections for ECDSA signatures (CVE-2016-2849) and PKCS #1
RSA decryption (CVE-2015-7827).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1311989 - CVE-2015-7827 botan: PKCS #1 decoding not in constant time
https://bugzilla.redhat.com/show_bug.cgi?id=1311989
[ 2 ] Bug #1330875 - CVE-2016-2849 CVE-2016-2850 botan: two issues fixed in 1.11.29
https://bugzilla.redhat.com/show_bug.cgi?id=1330875
--------------------------------------------------------------------------------
================================================================================
libraqm-0.1.1-1.fc22 (FEDORA-2016-7987fa6183)
Complex Textlayout Library
--------------------------------------------------------------------------------
Update Information:
Raqm is a small library that encapsulates the logic for complex text layout
and provide a convenient API. It currently provides bidirectional text support
(using FriBiDi), shaping (using HarfBuzz), and proper script itemization. As a
result, Raqm can support most writing systems covered by Unicode. The
documentation can be accessed on the web at:
http://host-
oman.github.io/libraqm/ Raqm (Arabic: ����������) is writing, also number or digit
and the Arabic word for digital (����������������) shares the same root, so it is a play
on ���digital writing���.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1329807 - Review Request: libraqm - Complex Textlayout Library
https://bugzilla.redhat.com/show_bug.cgi?id=1329807
--------------------------------------------------------------------------------
================================================================================
libxmp-4.3.13-1.fc22 (FEDORA-2016-c7a5c34075)
A multi-format module playback library
--------------------------------------------------------------------------------
Update Information:
Fix bugs caught in the OpenMPT test cases: * fix IT volume column fine volume
slide with row delay Other changes: * fix MOD vs XM set finetune effect * fix
IT old instrument volume * fix IT panbrello speed * fix IT random pan variation
left bias * fix IT default pan in sample mode (reported by Hai Shalom) * fix S3M
set pan effect (reported by Hai Shalom and Johannes Schultz) * code refactoring
and cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328288 - libxmp-4.3.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1328288
--------------------------------------------------------------------------------
================================================================================
pbuilder-0.224-1.fc22 (FEDORA-2016-e12ba933c5)
Personal package builder for Debian packages
--------------------------------------------------------------------------------
Update Information:
Update to version 0.224, see
http://metadata.ftp-
master.debian.org/changelogs//main/p/pbuilder/pbuilder_0.224_changelog for
details.
--------------------------------------------------------------------------------
================================================================================
perl-Monotone-AutomateStdio-1.10-1.fc22 (FEDORA-2016-a0be9aaacb)
Perl interface to Monotone via automate stdio
--------------------------------------------------------------------------------
Update Information:
Update to the latest released version. From the upstream changelog: - Changes
made for Monotone version 1.10: - Added an erase_descendants() method. -
The get_attributes() method now accepts an additional revision id when working
outside of a workspace. - Updated documentation. - The mtn_aif_version field
inside the Monotone object now contains the full floating point version number
of the automate stdio interface version.
--------------------------------------------------------------------------------
================================================================================
php-ZendFramework-1.12.18-1.fc22 (FEDORA-2016-9391da5d87)
Leading open-source PHP framework
--------------------------------------------------------------------------------
Update Information:
Zend Framework 1.12.18 (2016-04-13) =================================== *
Please Remove YouTube Zend GData Page * PHP7 debug_backtrace BC break *
Solve problem with subqueries in SELECT block * List-separator attribute is
not being unset for MultiCheckboxes due to a typo. * Wrong regex pattern in
Zend_Validate_Iban class * VERSION constant incorrect for 1.12.17 release tag.
* ZF2015-09: The Zend_Crypt_MathTest should run on PHP 5.2/5.3 * Update
Vagrantfile to use Rasmus' php7 box * ZF2015-08 breaks binary data *
zf1-extra is missing in release-1.12.17 * Fix for 655 issue * Wrong PHPDoc
in Zend_Mail * Non-existing method getRequired() in Zend_Form-Elements docs
* Zend_Form_Element_Button::isChecked has wrong documentation Zend Framework
1.12.17 (2015-11-23) =================================== * Fixes null byte
tests in `Zend_Db_Adapter_Pdo` * Updates the TLD list for
`Zend_Validate_Hostname` to version 2015102801.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328032 - ZF2015-08 breaks binary data
https://bugzilla.redhat.com/show_bug.cgi?id=1328032
--------------------------------------------------------------------------------
================================================================================
pyliblo-0.10.0-1.fc22 (FEDORA-2016-982cd945cf)
Python bindings for the liblo OSC library
--------------------------------------------------------------------------------
Update Information:
py3 support (rhbz#1322496)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1322496 - pyliblo: Provide a Python 3 subpackage
https://bugzilla.redhat.com/show_bug.cgi?id=1322496
--------------------------------------------------------------------------------
================================================================================
python-rpi-gpio-0.6.1-1.fc22 (FEDORA-2016-b63d88fc5b)
A class to control the GPIO on a Raspberry Pi
--------------------------------------------------------------------------------
Update Information:
Add py3 support
--------------------------------------------------------------------------------
================================================================================
python-xmltodict-0.10.1-1.fc22 (FEDORA-2016-bf5141b4f3)
A Python to transform XML to JSON
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream reelase 0.10.1
--------------------------------------------------------------------------------
================================================================================
texworks-0.6.1-1.fc22 (FEDORA-2016-baffd8f1c1)
A simple IDE for authoring TeX documents
--------------------------------------------------------------------------------
Update Information:
- Fix "Jump to Source" from PDF context menu - Fix fine-sync'ing close
to
PDF line boundaries - Fix loading of Qt-global translations - Fix pixel-
alignment after zoomFitWindow in continuous mode - Fix handling of changing
scroll bar visibilities in zoomFitWidth and zoomFitWindo - Allow horizontal
scrolling by Shift+MouseWheel - Update translations
--------------------------------------------------------------------------------
================================================================================
tinc-1.0.28-1.fc22 (FEDORA-2016-248e8a74c5)
A virtual private network daemon
--------------------------------------------------------------------------------
Update Information:
Use upstream service units
--------------------------------------------------------------------------------
================================================================================
yad-0.36.2-1.fc22 (FEDORA-2016-16dd8d5550)
Display graphical dialogs from shell scripts or command line
--------------------------------------------------------------------------------
Update Information:
update to 0.36.2 ---- Yad update to 0.36.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1331995 - yad-0.36.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1331995
[ 2 ] Bug #1330795 - yad-0.36.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1330795
--------------------------------------------------------------------------------