The following Fedora 22 Security updates need testing:
Age URL
276
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
225
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
157
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
112
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
105
https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d
squid-3.4.13-3.fc22
100
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
98
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3e4043f088
python-pymongo-3.0.3-1.fc22
76
https://bodhi.fedoraproject.org/updates/FEDORA-2015-de44abca87
ntp-4.2.6p5-34.fc22
69
https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7
python-pygments-2.0.2-3.fc22
69
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
52
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
52
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
45
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8413bdd343 abrt-2.6.1-7.fc22
41
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-36.fc22
33
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
33
https://bodhi.fedoraproject.org/updates/FEDORA-2015-39522bb8c9
php-PHPMailer-5.2.14-1.fc22
24
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6efa349a85
subversion-1.8.15-1.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8
libsndfile-1.0.25-18.fc22
19
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f59b94c349
lighttpd-1.4.39-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e13ac5754
nghttp2-1.6.0-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-51195e6b92
openvpn-2.3.10-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cbb76d0e3a pitivi-0.94-5.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-838200213e
gajim-0.16.5-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8f950932c1
libxmp-4.3.10-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a6f02951a2
nodejs-ws-1.0.1-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-191ff70357
shotwell-0.23.0-0.1.20160105gitf2fb1f7.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5207e0c1a1 php-5.6.17-1.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c8956da04
wordpress-4.4.1-1.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2ac04ea72f
wireshark-1.12.9-1.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a21ce89d3 rsync-3.1.1-7.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e289f41b76
prosody-0.9.9-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf9e2429b5
radicale-1.1.1-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-890e612f52 qemu-2.3.1-10.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
151
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
137
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14218 xulrunner-40.0-1.fc22
69
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
66
https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22
63
https://bodhi.fedoraproject.org/updates/FEDORA-2015-069fea7e6b
livecd-tools-22.3-1.fc22
52
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
52
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
31
https://bodhi.fedoraproject.org/updates/FEDORA-2015-8083abc683
selinux-policy-3.13.1-128.22.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8
libsndfile-1.0.25-18.fc22
14
https://bodhi.fedoraproject.org/updates/FEDORA-2015-95d1b16c34
libassuan-2.4.2-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5249975cd3
tigervnc-1.6.0-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8
httpd-2.4.18-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff7a46f05f
thunderbird-38.5.0-1.fc22
4
https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc06edc85
NetworkManager-1.0.10-2.fc22 NetworkManager-fortisslvpn-1.0.8-1.fc22
NetworkManager-openconnect-1.0.8-1.fc22 NetworkManager-openswan-1.0.8-1.fc22
NetworkManager-openvpn-1.0.8-1.fc22 NetworkManager-vpnc-1.0.8-1.fc22
network-manager-applet-1.0.10-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d41031d2d0 grep-2.21-8.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8cde92e12a file-5.22-5.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-91d16b7dc4
krb5-1.13.2-11.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-46c1b30b79
librsvg2-2.40.13-1.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7365dd5df4
systemd-219-27.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d77e88459e
breeze-icon-theme-5.18.0-1.fc22 extra-cmake-modules-5.18.0-1.fc22 kf5-5.18.0-1.fc22
kf5-attica-5.18.0-1.fc22 kf5-baloo-5.18.0-1.fc22 kf5-bluez-qt-5.18.0-1.fc22
kf5-frameworkintegration-5.18.0-1.fc22 kf5-kactivities-5.18.0-1.fc22
kf5-kapidox-5.18.0-1.fc22 kf5-karchive-5.18.0-1.fc22 kf5-kauth-5.18.0-1.fc22
kf5-kbookmarks-5.18.0-1.fc22 kf5-kcmutils-5.18.0-1.fc22 kf5-kcodecs-5.18.0-1.fc22
kf5-kcompletion-5.18.0-1.fc22 kf5-kconfig-5.18.0-1.fc22 kf5-kconfigwidgets-5.18.0-1.fc22
kf5-kcoreaddons-5.18.0-1.fc22 kf5-kcrash-5.18.0-1.fc22 kf5-kdbusaddons-5.18.0-1.fc22
kf5-kdeclarative-5.18.0-1.fc22 kf5-kded-5.18.0-1.fc22 kf5-kdelibs4support-5.18.0-1.fc22
kf5-kdesignerplugin-5.18.0-1.fc22 kf5-kdesu-5.18.0-1.fc22 kf5-kdewebkit-5.18.0-1.fc22
kf5-kdnssd-5.18.0-1.fc22 kf5-kdoctools-5.18.0-1.fc22 kf5-kemoticons-5.18.0-1.fc22
kf5-kfilemetadata-5.18.0-1.fc22 kf5-kglobalaccel-5.18.0-1.fc22
kf5-kguiaddons-5.18.0-1.fc22 kf5-khtml
-5.18.0-
1.fc22 kf5-ki18n-5.18.0-1.fc22 kf5-kiconthemes-5.18.0-1.fc22 kf5-kidletime-5.18.0-1.fc22
kf5-kimageformats-5.18.0-1.fc22 kf5-kinit-5.18.0-1.fc22 kf5-kio-5.18.0-1.fc22
kf5-kitemmodels-5.18.0-1.fc22 kf5-kitemviews-5.18.0-1.fc22 kf5-kjobwidgets-5.18.0-1.fc22
kf5-kjs-5.18.0-1.fc22 kf5-kjsembed-5.18.0-1.fc22 kf5-kmediaplayer-5.18.0-1.fc22
kf5-knewstuff-5.18.0-1.fc22 kf5-knotifications-5.18.0-1.fc22
kf5-knotifyconfig-5.18.0-1.fc22 kf5-kpackage-5.18.0-1.fc22 kf5-kparts-5.18.0-1.fc22
kf5-kpeople-5.18.0-1.fc22 kf5-kplotting-5.18.0-1.fc22 kf5-kpty-5.18.0-1.fc22
kf5-kross-5.18.0-1.fc22 kf5-krunner-5.18.0-1.fc22 kf5-kservice-5.18.0-1.fc22
kf5-ktexteditor-5.18.0-1.fc22 kf5-ktextwidgets-5.18.0-1.fc22
kf5-kunitconversion-5.18.0-1.fc22 kf5-kwallet-5.18.0-2.fc22
kf5-kwidgetsaddons-5.18.0-1.fc22 kf5-kwindowsystem-5.18.0-1.fc22 kf5-kxmlgui-5.18.0-1.fc22
kf5-kxmlrpcclient-5.18.0-1.fc22 kf5-modemmanager-qt-5.18.0-1.fc22
kf5-networkmanager-qt-5.18.0-2.fc22 kf5-plasma-5.18.0-1.fc22 kf5-solid-5.18.
0-1.fc22
kf5-sonnet-5.18.0-1.fc22 kf5-threadweaver-5.18.0-1.fc22 oxygen-icon-theme-5.18.0-1.fc22
The following builds have been pushed to Fedora 22 updates-testing
awscli-1.9.16-1.fc22
enki-15.11.0-2.fc22
kanatest-0.4.8-16.fc22
kde-connect-0.9-4.fc22
marsshooter-0.7.6-1.fc22
mbedtls-1.3.16-1.fc22
perl-WWW-Shorten-3.08-1.fc22
php-JsonSchema-1.6.0-1.fc22
php-pear-HTTP-OAuth-0.3.2-1.fc22
qemu-2.3.1-10.fc22
radicale-1.1.1-1.fc22
xflr5-6.12-1.fc22
yash-2.40-1.fc22
Details about builds:
================================================================================
awscli-1.9.16-1.fc22 (FEDORA-2016-4acc3fd114)
Universal Command Line Environment for AWS
--------------------------------------------------------------------------------
Update Information:
First version
--------------------------------------------------------------------------------
================================================================================
enki-15.11.0-2.fc22 (FEDORA-2016-f154dc4371)
Text editor for programmers
--------------------------------------------------------------------------------
Update Information:
obsoletes plugins subpackage, fixes functionality of menu
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1292724 - Enki not usable without plugins
https://bugzilla.redhat.com/show_bug.cgi?id=1292724
[ 2 ] Bug #1281876 - Review Request: enki - Extensible text editor for programmers
https://bugzilla.redhat.com/show_bug.cgi?id=1281876
--------------------------------------------------------------------------------
================================================================================
kanatest-0.4.8-16.fc22 (FEDORA-2016-387e0a9b41)
Hiragana and Katakana drill tool
--------------------------------------------------------------------------------
Update Information:
Build kanatest on F-22, also backport some fixes from F-23
--------------------------------------------------------------------------------
================================================================================
kde-connect-0.9-4.fc22 (FEDORA-2016-543ab1ad88)
KDE Connect client for communication with smartphones
--------------------------------------------------------------------------------
Update Information:
New kdeconnect-0.9g release
--------------------------------------------------------------------------------
================================================================================
marsshooter-0.7.6-1.fc22 (FEDORA-2016-14e3287fc2)
M.A.R.S. - A Ridiculous Shooter
--------------------------------------------------------------------------------
Update Information:
- Switch to new upstream:
https://github.com/jwrdegoede/M.A.R.S. - Update to
0.7.6 release: - Replace a few non-free fonts and sound files which accidentally
slipped in with free alternatives - Add appdata
--------------------------------------------------------------------------------
================================================================================
mbedtls-1.3.16-1.fc22 (FEDORA-2016-11cca392ff)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 1.3.16 Release notes:
https://tls.mbed.org/tech-
updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
--------------------------------------------------------------------------------
================================================================================
perl-WWW-Shorten-3.08-1.fc22 (FEDORA-2016-89f95689d6)
Interface to URL shortening sites
--------------------------------------------------------------------------------
Update Information:
Upgrade to 3.08 (bz#1296197)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296197 - Upgrade perl-WWW-Shorten to 3.08
https://bugzilla.redhat.com/show_bug.cgi?id=1296197
--------------------------------------------------------------------------------
================================================================================
php-JsonSchema-1.6.0-1.fc22 (FEDORA-2016-d1f51e40fc)
PHP implementation of JSON schema
--------------------------------------------------------------------------------
Update Information:
**Version1.6.0** * 142 Optional extra arguments for custom error messages * 143
Add constraint factory * 192 Create .gitattributes * 194 bugfix:
patternProperties raised errors when the pattern has slashes * 202 Fix
CollectionConstraint to allow uniqueItems to be false * 204 Fix path output for
required properties * 206 An email is a string, not much else. * 207 Fix non-6
digit microsecond date time formats * 209 RefResolver::$depth restoration after
JsonDecodingException **Version1.5.0** * 182 Fix #93 ($ref to local definition
not working)
--------------------------------------------------------------------------------
================================================================================
php-pear-HTTP-OAuth-0.3.2-1.fc22 (FEDORA-2016-65fd7a172e)
Implementation of the OAuth spec
--------------------------------------------------------------------------------
Update Information:
**Version 0.3.2** * Fixed PEAR#20426. Authorization header values parsed
incorrectly * Added composer support.
--------------------------------------------------------------------------------
================================================================================
qemu-2.3.1-10.fc22 (FEDORA-2016-890e612f52)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* CVE-2015-7549: pci: null pointer dereference issue (bz #1291138) *
CVE-2015-8558: DoS by infinite loop in ehci_advance_state (bz #1291309) *
CVE-2015-8666: Heap-based buffer overrun during VM migration (bz #1294027) *
CVE-2015-8744: vmxnet3: fix crash with short packets (bz #1295440) *
CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz #1295442)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1291137 - CVE-2015-7549 Qemu: pci: null pointer dereference issue
https://bugzilla.redhat.com/show_bug.cgi?id=1291137
[ 2 ] Bug #1277983 - CVE-2015-8558 Qemu: usb: infinite loop in ehci_advance_state
results in DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1277983
[ 3 ] Bug #1283722 - CVE-2015-8666 Qemu: acpi: heap based buffer overrun during VM
migration
https://bugzilla.redhat.com/show_bug.cgi?id=1283722
[ 4 ] Bug #1270871 - CVE-2015-8744 Qemu: net: vmxnet3: incorrect l2 header validation
leads to a crash via assert(2) call
https://bugzilla.redhat.com/show_bug.cgi?id=1270871
[ 5 ] Bug #1270876 - CVE-2015-8745 Qemu: net: vmxnet3: reading IMR registers leads to a
crash via assert(2) call
https://bugzilla.redhat.com/show_bug.cgi?id=1270876
--------------------------------------------------------------------------------
================================================================================
radicale-1.1.1-1.fc22 (FEDORA-2016-cf9e2429b5)
A simple CalDAV (calendar) and CardDAV (contact) server
--------------------------------------------------------------------------------
Update Information:
Version 1.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1295836 - CVE-2015-8747 CVE-2015-8748 radicale: Multiple security issues
fixed in 1.1
https://bugzilla.redhat.com/show_bug.cgi?id=1295836
--------------------------------------------------------------------------------
================================================================================
xflr5-6.12-1.fc22 (FEDORA-2016-720dec2f42)
Analysis tool for airfoils, wings and planes
--------------------------------------------------------------------------------
Update Information:
Update to version 6.12, see
http://sourceforge.net/projects/xflr5/files/6.12/ReleaseNotes.txt for details.
--------------------------------------------------------------------------------
================================================================================
yash-2.40-1.fc22 (FEDORA-2016-dafb6f6776)
Yet Another SHell
--------------------------------------------------------------------------------
Update Information:
New version 2.40 is released.
--------------------------------------------------------------------------------