The following Fedora 22 Security updates need testing:
 Age  URL
 324  https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878   echoping-6.1-0.beta.r434svn.1.fc22
 273  https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185   ceph-deploy-1.5.25-1.fc22
 206  https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781   python-kdcproxy-0.3.2-1.fc22
 160  https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239   nagios-4.0.8-1.fc22
 154  https://bodhi.fedoraproject.org/updates/FEDORA-2015-05490fc42d   squid-3.4.13-3.fc22
 149  https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf   openstack-swift-2.2.0-6.fc22
 118  https://bodhi.fedoraproject.org/updates/FEDORA-2015-0552500cd7   python-pygments-2.0.2-3.fc22
 118  https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d   miniupnpc-1.9-6.fc22
 101  https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4   libpng-1.6.16-4.fc22
 101  https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6   libpng-1.6.16-5.fc22
  82  https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105   ImageMagick-6.9.2.7-1.fc22
  73  https://bodhi.fedoraproject.org/updates/FEDORA-2015-6efa349a85   subversion-1.8.15-1.fc22
  67  https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1   sos-3.2-2.fc22
  41  https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0   thttpd-2.25b-37.fc22
  30  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0   xulrunner-44.0-1.fc22
  18  https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b   xdelta-3.0.7-7.fc22
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2016-0609474cf6   389-ds-base-1.3.4.8-1.fc22
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2016-5cb344dd7e   community-mysql-5.6.29-1.fc22
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2016-e21be93421   gummi-0.6.6-1.fc22
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-868c170507   mariadb-10.0.23-1.fc22
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-1c08d77b96   qt-creator-3.6.0-6.fc22 qca-2.1.1-4.fc22 code-editor-2.8.1-13.fc22 monotone-1.1-13.fc22 botan-1.10.12-1.fc22
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a25ee90150   graphite2-1.3.5-1.fc22
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494   mingw-nsis-2.50-1.fc22
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b20c4ec9d   pcs-0.9.149-2.fc22
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-7942ee2cc5   libssh2-1.5.0-2.fc22
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc9e8da03c   libssh-0.7.3-1.fc22
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2016-266406ab92   drupal6-6.38-1.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-45d4920315   drupal7-7.43-1.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ffffab2aa9   libmodbus-3.0.6-1.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-f8121efdac   xen-4.5.2-8.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5ac00e07c   kernel-4.4.3-200.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b19c75d748   tomcat-7.0.68-2.fc22

The following Fedora 22 Critical Path updates have yet to be approved:
 Age  URL
 200  https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210   yum-3.4.3-508.fc22
 118  https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f   libgphoto2-2.5.8-1.fc22
 114  https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b   vim-7.4.909-1.fc22
 101  https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6   libpng-1.6.16-5.fc22
 101  https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4   libpng-1.6.16-4.fc22
  54  https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8   httpd-2.4.18-1.fc22
  30  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0   xulrunner-44.0-1.fc22
  24  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64   mobile-broadband-provider-info-1.20151214-1.fc22
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-bdc07e5732   kde-runtime-15.12.2-1.fc22 kdelibs-4.14.17-1.fc22
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d25f4327b1   kdepim-4.14.10-10.fc22 kdepim-runtime-4.14.10-6.fc22 kdepimlibs-4.14.10-8.fc22
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2016-c865c44c3d
      breeze-icon-theme-5.19.0-1.fc22 extra-cmake-modules-5.19.0-1.fc22 kf5-5.19.0-1.fc22
      kf5-attica-5.19.0-1.fc22 kf5-baloo-5.19.0-1.fc22 kf5-bluez-qt-5.19.0-1.fc22
      kf5-frameworkintegration-5.19.0-1.fc22 kf5-kactivities-5.19.0-1.fc22
      kf5-kapidox-5.19.0-1.fc22 kf5-karchive-5.19.0-1.fc22 kf5-kauth-5.19.0-1.fc22
      kf5-kbookmarks-5.19.0-1.fc22 kf5-kcmutils-5.19.0-1.fc22 kf5-kcodecs-5.19.0-1.fc22
      kf5-kcompletion-5.19.0-1.fc22 kf5-kconfig-5.19.0-1.fc22 kf5-kconfigwidgets-5.19.0-1.fc22
      kf5-kcoreaddons-5.19.0-1.fc22 kf5-kcrash-5.19.0-1.fc22 kf5-kdbusaddons-5.19.0-1.fc22
      kf5-kdeclarative-5.19.0-2.fc22 kf5-kded-5.19.0-1.fc22 kf5-kdelibs4support-5.19.0-1.fc22
      kf5-kdesignerplugin-5.19.0-1.fc22 kf5-kdesu-5.19.0-1.fc22 kf5-kdewebkit-5.19.0-1.fc22
      kf5-kdnssd-5.19.0-1.fc22 kf5-kdoctools-5.19.0-1.fc22 kf5-kemoticons-5.19.0-1.fc22
      kf5-kfilemetadata-5.19.0-1.fc22 kf5-kglobalaccel-5.19.0-1.fc22
      kf5-kguiaddons-5.19.0-1.fc22 kf5-khtml-5.19.0-1.fc22
      kf5-ki18n-5.19.0-1.fc22 kf5-kiconthemes-5.19.0-1.fc22 kf5-kidletime-5.19.0-1.fc22
      kf5-kimageformats-5.19.0-1.fc22 kf5-kinit-5.19.0-1.fc22 kf5-kio-5.19.0-1.fc22
      kf5-kitemmodels-5.19.0-1.fc22 kf5-kitemviews-5.19.0-1.fc22 kf5-kjobwidgets-5.19.0-1.fc22
      kf5-kjs-5.19.0-1.fc22 kf5-kjsembed-5.19.0-1.fc22 kf5-kmediaplayer-5.19.0-1.fc22
      kf5-knewstuff-5.19.0-1.fc22 kf5-knotifications-5.19.0-1.fc22
      kf5-knotifyconfig-5.19.0-1.fc22 kf5-kpackage-5.19.0-1.fc22 kf5-kparts-5.19.0-1.fc22
      kf5-kpeople-5.19.0-1.fc22 kf5-kplotting-5.19.0-1.fc22 kf5-kpty-5.19.0-1.fc22
      kf5-kross-5.19.0-1.fc22 kf5-krunner-5.19.0-1.fc22 kf5-kservice-5.19.0-1.fc22
      kf5-ktexteditor-5.19.0-1.fc22 kf5-ktextwidgets-5.19.0-1.fc22
      kf5-kunitconversion-5.19.0-1.fc22 kf5-kwallet-5.19.0-1.fc22
      kf5-kwidgetsaddons-5.19.0-1.fc22 kf5-kwindowsystem-5.19.0-1.fc22 kf5-kxmlgui-5.19.0-1.fc22
      kf5-kxmlrpcclient-5.19.0-1.fc22 kf5-modemmanager-qt-5.19.0-1.fc22
      kf5-networkmanager-qt-5.19.0-1.fc22 kf5-plasma-5.19.0-2.fc22 kf5-solid-5.19.0-1.fc22
      kf5-sonnet-5.19.0-1.fc22 kf5-threadweaver-5.19.0-1.fc22 oxygen-icon-theme-5.19.0-3.fc22
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e3261008b   htdig-3.2.0-0.21.b6.fc22
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed3e59d122   gnutls-3.3.21-2.fc22
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-c4618aa80c   hwdata-0.286-1.fc22
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab   selinux-policy-3.13.1-128.28.fc22
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ac4553914   gvfs-1.24.3-1.fc22
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-7942ee2cc5   libssh2-1.5.0-2.fc22
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-636c7a6056   gamin-0.1.10-22.fc22
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc9e8da03c   libssh-0.7.3-1.fc22
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5317e8cfe   thunderbird-38.6.0-3.fc22
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b37af739e7   spatialite-tools-4.2.0-20.fc22 sqlite-3.11.0-2.fc22
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5ac00e07c   kernel-4.4.3-200.fc22

The following builds have been pushed to Fedora 22 updates-testing
drupal7-7.43-1.fc22
fish-2.2.0-11.fc22
kernel-4.4.3-200.fc22
libmodbus-3.0.6-1.fc22
perl-File-Edit-Portable-1.20-1.fc22
perl-Starlet-0.29-1.fc22
perl-Text-Diff-1.44-1.fc22
python-productmd-1.0-12.fc22
python-urllib3-1.13.1-3.fc22
tomcat-7.0.68-2.fc22
workrave-1.10.10-1.fc22
xen-4.5.2-8.fc22
Details about builds:
================================================================================
drupal7-7.43-1.fc22 (FEDORA-2016-45d4920315)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
https://www.drupal.org/SA-CORE-2016-001
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312394 - drupal7: drupal: several issues fixed in 7.43 and 6.38
(SA-CORE-2016-001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1312394
[ 2 ] Bug #1312391 - drupal7: drupal: several issues fixed in 7.43 and 6.38
(SA-CORE-2016-001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1312391
--------------------------------------------------------------------------------
================================================================================
fish-2.2.0-11.fc22 (FEDORA-2016-cdbbc3e2c3)
A friendly interactive shell
--------------------------------------------------------------------------------
Update Information:
Backport the vendor config snippet feature.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1189036 - RFE: ccache should get applied via profile in other shells than
bash
https://bugzilla.redhat.com/show_bug.cgi?id=1189036
--------------------------------------------------------------------------------
================================================================================
kernel-4.4.3-200.fc22 (FEDORA-2016-a5ac00e07c)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.4.3 update contains a number of important fixes across the tree
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1305803 - CVE-2016-0617 kernel: hugetlbfs: fix bugs in
hugetlb_vmtruncate_list()
https://bugzilla.redhat.com/show_bug.cgi?id=1305803
[ 2 ] Bug #1308444 - CVE-2016-2384 kernel: double-free in usb-audio triggered by invalid
USB descriptor
https://bugzilla.redhat.com/show_bug.cgi?id=1308444
[ 3 ] Bug #1308452 - CVE-2016-2383 kernel: incorrect branch fixups for eBPF allow
arbitrary read
https://bugzilla.redhat.com/show_bug.cgi?id=1308452
[ 4 ] Bug #1303532 - CVE-2015-8812 kernel: CXGB3: Logic bug in return code handling
prematurely frees key structures causing Use after free or kernel panic.
https://bugzilla.redhat.com/show_bug.cgi?id=1303532
--------------------------------------------------------------------------------
================================================================================
libmodbus-3.0.6-1.fc22 (FEDORA-2016-ffffab2aa9)
A Modbus library
--------------------------------------------------------------------------------
Update Information:
fix remote buffer overflow vulnerability on write requests
--------------------------------------------------------------------------------
================================================================================
perl-File-Edit-Portable-1.20-1.fc22 (FEDORA-2016-ef36fc2b88)
Read and write files while keeping the original line-endings intact
--------------------------------------------------------------------------------
Update Information:
1.20 2016-02-26
- no functional changes
- code cleanup, slight refactoring
- changed from croak() to confess() for better diagnostics

1.19 2016-02-20
- is_read check in write() is now performed before $copy assignment to $file,
  so that the proper original file's recsep is used (fixes #19)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1310275 - perl-File-Edit-Portable-1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1310275
--------------------------------------------------------------------------------
================================================================================
perl-Starlet-0.29-1.fc22 (FEDORA-2016-731cf6f00b)
Simple, high-performance PSGI/Plack HTTP server
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
perl-Text-Diff-1.44-1.fc22 (FEDORA-2016-be582ec14d)
Perform diffs on files and record sets
--------------------------------------------------------------------------------
Update Information:
A new version of Text-Diff is available. This release handles lines without
trailing newlines better and in line with the traditional diff utility.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312568 - perl-Text-Diff-1.44 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1312568
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.0-12.fc22 (FEDORA-2016-6b43405ff9)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
add a patch to make rawhide as a version consistently an option
--------------------------------------------------------------------------------
================================================================================
python-urllib3-1.13.1-3.fc22 (FEDORA-2016-5a4bd1bc58)
Python HTTP library with thread-safe connection pooling and file post
--------------------------------------------------------------------------------
Update Information:
Apply patch from upstream to fix ipv6.
https://github.com/shazow/urllib3/pull/801
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1312070 - IPv6 broken due to urllib3 duplicating brackets in request header
https://bugzilla.redhat.com/show_bug.cgi?id=1312070
[ 2 ] Bug #1312347 - IPv6 broken due to urllib3 duplicating brackets in request header
https://bugzilla.redhat.com/show_bug.cgi?id=1312347
--------------------------------------------------------------------------------
================================================================================
tomcat-7.0.68-2.fc22 (FEDORA-2016-b19c75d748)
Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API
--------------------------------------------------------------------------------
Update Information:
- Load sysconfig from tomcat.conf, resolves: rhbz#1311771, rhbz#1311905
- Set default javax.sql.DataSource factory to apache commons one, resolves
  rhbz#1214381
----
- Updated to 7.0.68
- Fix symlinks from $CATALINA_HOME/lib perspective, resolves: rhbz#1308685
- Fix tomcat user shell, resolves rhbz#1302718
- Remove log4j support. It has never been working actually. See rhbz#1236297
- Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now
  be used to override it with shell expansion, resolves rhbz#1293636
- Security fix for CVE-2016-0763
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1311093 - CVE-2016-0763 tomcat: security manager bypass via
setGlobalContext()
https://bugzilla.redhat.com/show_bug.cgi?id=1311093
--------------------------------------------------------------------------------
================================================================================
workrave-1.10.10-1.fc22 (FEDORA-2016-5a5ec37671)
Program that assists in the recovery and prevention of RSI
--------------------------------------------------------------------------------
Update Information:
new version; add Cinnamon, Indicator, MATE, and Xfce applets
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #990546 - 'Lock' button unavailable in rest break prompt
https://bugzilla.redhat.com/show_bug.cgi?id=990546
[ 2 ] Bug #1047808 - [abrt] workrave: workrave killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1047808
[ 3 ] Bug #1048462 - workrave-v1_10_10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1048462
[ 4 ] Bug #1297716 - Workrave segfaults on startup
https://bugzilla.redhat.com/show_bug.cgi?id=1297716
[ 5 ] Bug #1294323 - [abrt] workrave: Gtk::Widget::get_allocation() const(): workrave
killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1294323
[ 6 ] Bug #1285442 - workrave crashes, related to gtkmm
https://bugzilla.redhat.com/show_bug.cgi?id=1285442
[ 7 ] Bug #1267729 - [abrt] workrave: Gtk::Widget::gobj(): workrave killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1267729
[ 8 ] Bug #1263389 - no sound in workrave
https://bugzilla.redhat.com/show_bug.cgi?id=1263389
[ 9 ] Bug #1252497 - [abrt] workrave: operator new(unsigned long)(): workrave killed by
SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1252497
[ 10 ] Bug #1207669 - [abrt] workrave: g_thread_join(): workrave killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1207669
--------------------------------------------------------------------------------
================================================================================
xen-4.5.2-8.fc22 (FEDORA-2016-f8121efdac)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
x86: inconsistent cachability flags on guest mappings [XSA-154, CVE-2016-2270] (#1309324)
VMX: guest user mode may crash guest with non-canonical RIP [XSA-170, CVE-2016-2271] (#1309323)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1304627 - CVE-2016-2270 xsa154 xen: inconsistent cachability flags on guest
mappings (XSA-154)
https://bugzilla.redhat.com/show_bug.cgi?id=1304627
[ 2 ] Bug #1304628 - CVE-2016-2271 xsa170 xen: guest user mode may crash guest with
non-canonical RIP (XSA-170)
https://bugzilla.redhat.com/show_bug.cgi?id=1304628
--------------------------------------------------------------------------------