The following Fedora 22 Security updates need testing:
Age URL
341
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
290
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
223
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
177
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
166
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
135
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
118
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
118
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
99
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
85
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
58
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
47
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
35
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-11537160e9
websvn-2.3.3-12.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b004d6d8f7
python-django-1.8.11-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3954061e32
rubygem-actionpack-4.2.0-4.fc22 rubygem-actionview-4.2.0-5.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29
libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c71532c5e2 putty-0.67-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb7bdd7063
php-pecl-http-2.5.6-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0
python-tgcaptcha2-0.3.1-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fde759f627
libotr-4.1.1-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9f4012116e
drupal6-emfield-2.7-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-38b20aa50f xen-4.5.2-9.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1
openssh-6.9p1-11.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc3740c56e
apache-commons-collections-3.2.2-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf
tomcat-7.0.68-3.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-161b73fc2c
bind99-9.9.8-4.P4.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f95d8ea3ad
proftpd-1.3.5b-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4
bind-9.10.3-9.P4.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-40a657cee1
dropbear-2016.72-1.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0429f34acd
torbrowser-launcher-0.2.4-1.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
217
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
135
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
132
https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22
118
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
118
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
71
https://bodhi.fedoraproject.org/updates/FEDORA-2016-46b611abb8
httpd-2.4.18-1.fc22
47
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
41
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b37af739e7
spatialite-tools-4.2.0-20.fc22 sqlite-3.11.0-2.fc22
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507
rpm-4.12.0.1-16.fc22
14
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9f7a319b77
pcmanfm-1.2.4-1.fc22 libfm-1.2.4-1.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9789605ac
NetworkManager-1.0.10-3.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-706c28d619 koji-1.10.1-3.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf56b612e9
libbluray-0.9.2-1.fc22
12
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4
bind-9.10.3-9.P4.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-11b32d067d
gtk2-2.24.30-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-76aa957f67
gnutls-3.3.22-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a55a84a795
kernel-4.4.5-200.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1
openssh-6.9p1-11.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
The following builds have been pushed to Fedora 22 updates-testing
ansible1.9-1.9.4-2.fc22
armadillo-6.600.4-1.fc22
bugwarrior-1.4.0-1.fc22
distribution-gpg-keys-1.4-1.fc22
efl-1.17.0-4.fc22
fuse-zip-0.4.2-1.fc22
globus-common-16.2-1.fc22
globus-proxy-utils-6.15-1.fc22
gnome-abrt-1.2.0-5.fc22
hgsvn-0.3.15-1.fc22
libbson-1.3.4-1.fc22
libtranslate-0.99-100.fc22
lilypond-2.19.38-1.fc22
lilypond-doc-2.19.38-1.fc22
menulibre-2.1.2-4.fc22
myproxy-6.1.17-1.fc22
perl-Canary-Stability-2011-1.fc22
php-di-5.2.2-2.fc22
php-guzzlehttp-promises-1.1.0-1.fc22
php-paragonie-random-compat-1.2.2-1.fc22
php-phpunit-PHPUnit-4.8.24-1.fc22
python-babelfish-0.5.5-2.fc22
python-productmd-1.0-13.fc22
rubygem-domain_name-0.5.20160309-1.fc22
scummvm-1.8.0-1.fc22
scummvm-tools-1.8.0-1.fc22
sddm-0.13.0-6.fc22
svxlink-15.11-1.fc22
tilda-1.3.2-1.fc22
torbrowser-launcher-0.2.4-1.fc22
upower-0.99.3-2.fc22
xpad-4.7.0-1.fc22
Details about builds:
================================================================================
ansible1.9-1.9.4-2.fc22 (FEDORA-2016-e1ba0aa07d)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
New compat package to provide ansible 1.x for people transitioning from older
ansible to the ansible-2.0 package.
--------------------------------------------------------------------------------
================================================================================
armadillo-6.600.4-1.fc22 (FEDORA-2016-38162cfd1c)
Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:
New stable armadillo release with the following changes: * fix for gmm_diag
when using Mahalanobis distance * expanded sum(), mean(), min(), max() to handle
cubes * expanded Cube class to handle arbitrarily sized empty cubes (eg. 0x5x2)
* added shift() for circular shifts of elements * added sqrtmat() for finding
the square root of a matrix.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317870 - armadillo-6.600.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317870
--------------------------------------------------------------------------------
================================================================================
bugwarrior-1.4.0-1.fc22 (FEDORA-2016-bb4adac898)
Sync github, bitbucket, and trac issues with taskwarrior
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
https://github.com/ralphbean/bugwarrior/blob/develop/CHANGELOG.rst#140
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317164 - bugwarrior-1.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317164
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.4-1.fc22 (FEDORA-2016-d6964b173c)
Keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
* updated Copr keys * added mageia keys
--------------------------------------------------------------------------------
================================================================================
efl-1.17.0-4.fc22 (FEDORA-2016-5e75c961ce)
Collection of Enlightenment libraries
--------------------------------------------------------------------------------
Update Information:
- Disable wayland for Fedora 22 and EPEL, as they do not have dependencies
--------------------------------------------------------------------------------
================================================================================
fuse-zip-0.4.2-1.fc22 (FEDORA-2016-be7996eccc)
Filesystem to navigate, extract, create and modify ZIP archives
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.2.
--------------------------------------------------------------------------------
================================================================================
globus-common-16.2-1.fc22 (FEDORA-2016-e3321db2fd)
Globus Toolkit - Common Library
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
globus-proxy-utils-6.15-1.fc22 (FEDORA-2016-e3321db2fd)
Globus Toolkit - Globus GSI Proxy Utility Programs
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
gnome-abrt-1.2.0-5.fc22 (FEDORA-2016-fd679e0d84)
A utility for viewing problems that have occurred with the system
--------------------------------------------------------------------------------
Update Information:
- Show HiDPI icons on HiDPI screens - Fix a DeprecationWarning in Python 3.4 (a
runtime error in Python 3.5) - Fix a crash when displaying a problem without
'cmdline' item - More minor bugs fixed - Add kudos to the AppData file - Details
pane: new design - More minor UI improvements - Translation added: Khmer - Other
translation updates
--------------------------------------------------------------------------------
================================================================================
hgsvn-0.3.15-1.fc22 (FEDORA-2016-56f96fb959)
A set of scripts to work locally on subversion checkouts using mercurial
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.3.15.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1314982 - hgsvn-0.3.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1314982
--------------------------------------------------------------------------------
================================================================================
libbson-1.3.4-1.fc22 (FEDORA-2016-1379c03ff0)
Building, parsing, and iterating BSON documents
--------------------------------------------------------------------------------
Update Information:
This release improves build script. We deliver it only to provide latest version
string.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317713 - libbson-1.3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317713
--------------------------------------------------------------------------------
================================================================================
libtranslate-0.99-100.fc22 (FEDORA-2016-21ad411bd8)
Natural language translation library
--------------------------------------------------------------------------------
Update Information:
Update services.xml file
--------------------------------------------------------------------------------
================================================================================
lilypond-2.19.38-1.fc22 (FEDORA-2016-448973e3bf)
A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
================================================================================
lilypond-doc-2.19.38-1.fc22 (FEDORA-2016-448973e3bf)
HTML documentation for LilyPond
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
================================================================================
menulibre-2.1.2-4.fc22 (FEDORA-2016-0716991b47)
FreeDesktop.org compliant menu editor
--------------------------------------------------------------------------------
Update Information:
Fix a problem where adding a launcher and no directory was selected would emit a
type error
--------------------------------------------------------------------------------
================================================================================
myproxy-6.1.17-1.fc22 (FEDORA-2016-e3321db2fd)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
globus-proxy-utils - Better support for checking cert names. globus-common -
Minor documentation fix. myproxy - Handle error returns from OCSP_parse_url.
--------------------------------------------------------------------------------
================================================================================
perl-Canary-Stability-2011-1.fc22 (FEDORA-2016-eea999568c)
Canary to check perl compatibility for Schmorp's modules
--------------------------------------------------------------------------------
Update Information:
This release fixes color printing. It also improves the message text.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317254 - perl-Canary-Stability-2011 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317254
--------------------------------------------------------------------------------
================================================================================
php-di-5.2.2-2.fc22 (FEDORA-2016-adb2640b55)
The dependency injection container for humans
--------------------------------------------------------------------------------
Update Information:
### 5.2.2 * Fix [#379](https://github.com/PHP-DI/PHP-DI/issues/379) Wrong match
when using wildcards (by @HexSource and @mnapoli) ### 5.2.1 * Fix
[#366](https://github.com/PHP-DI/PHP-DI/issues/366): Handle collisions between
identical parent and child private properties ([#367](https://github.com/PHP-DI
/PHP-DI/issues/367) by @mnapoli)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298928 - php-di-5.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298928
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-promises-1.1.0-1.fc22 (FEDORA-2016-b137a03e79)
Guzzle promises library
--------------------------------------------------------------------------------
Update Information:
### 1.1.0 - 2016-03-07 * Update EachPromise to prevent recurring on a iterator
when advancing, as this could trigger fatal generator errors. * Update Promise
to allow recursive waiting without unwrapping exceptions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1315685 - php-guzzlehttp-promises-1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1315685
--------------------------------------------------------------------------------
================================================================================
php-paragonie-random-compat-1.2.2-1.fc22 (FEDORA-2016-58d4852999)
PHP 5.x polyfill for random_bytes() and random_int() from PHP 7
--------------------------------------------------------------------------------
Update Information:
### Version 1.2.2 - 2016-03-11 * To prevent applications from hanging, if
`/dev/urandom` is not accessible to PHP, skip mcrypt (which just fails before
giving OpenSSL a chance and was morally equivalent to not offering OpenSSL at
all). ### Version 1.2.1 - 2016-02-29 * PHP 5.6.10 - 5.6.12 will hang when
mcrypt is used on Unix-based operating systems ([PHP bug
69833](https://bugs.php.net/bug.php?id=69833)). If you are running one of
these versions, please upgrade (or make sure `/dev/urandom` is readable)
otherwise you're relying on OpenSSL. ### Version 1.2.0 - 2016-02-05 *
Whitespace and other cosmetic changes * Added a changelog. ### Version 1.1.6 -
2016-01-29 * Eliminate `open_basedir` warnings by detecting this configuration
setting. (Thanks [@oucil](https://github.com/oucil) for reporting this.) *
Added install instructions to the README. * Documentation cleanup (there is, in
fact, no `MCRYPT_CREATE_IV` constant, I meant to write `MCRYPT_DEV_URANDOM`)
### Version 1.1.5 - 2016-01-06 * Prevent fatal errors on platforms with older
versions of libsodium.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296738 - php-paragonie-random-compat-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1296738
[ 2 ] Bug #1317102 - php-paragonie-random-compat-1.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317102
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHPUnit-4.8.24-1.fc22 (FEDORA-2016-ca82972c1e)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 4.8.24** - 2016-03-14 * Fixed #1959: Prophecy errors are not
handled correctly * Fixed #2039: TestDox does not handle snake_case test
methods properly * Fixed #2109: Process isolation leaks global variable
--------------------------------------------------------------------------------
================================================================================
python-babelfish-0.5.5-2.fc22 (FEDORA-2016-9943a37645)
Python library to work with countries and languages
--------------------------------------------------------------------------------
Update Information:
New package python-babelfish
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1298238 - Review Request: python-babelfish - Python library to work with
countries and languages
https://bugzilla.redhat.com/show_bug.cgi?id=1298238
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.0-13.fc22 (FEDORA-2016-4e436e2043)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
add patch for supporting subvariant
--------------------------------------------------------------------------------
================================================================================
rubygem-domain_name-0.5.20160309-1.fc22 (FEDORA-2016-484410bf2f)
Domain Name manipulation library for Ruby
--------------------------------------------------------------------------------
Update Information:
New version 0.5.20160309 is released.
--------------------------------------------------------------------------------
================================================================================
scummvm-1.8.0-1.fc22 (FEDORA-2016-e1c6c3cd0f)
Interpreter for several adventure games
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0 release
--------------------------------------------------------------------------------
================================================================================
scummvm-tools-1.8.0-1.fc22 (FEDORA-2016-2186f3eb65)
Tools for scummVM / S.C.U.M.M scripting language
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0 release
--------------------------------------------------------------------------------
================================================================================
sddm-0.13.0-6.fc22 (FEDORA-2016-6a2445f5c8)
QML based X11 desktop manager
--------------------------------------------------------------------------------
Update Information:
Enable gnome-pam-keyring support.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317066 - sddm: use pam_gnome_keyring
https://bugzilla.redhat.com/show_bug.cgi?id=1317066
--------------------------------------------------------------------------------
================================================================================
svxlink-15.11-1.fc22 (FEDORA-2016-5a5b30812d)
Repeater controller and EchoLink (simplex or repeater)
--------------------------------------------------------------------------------
Update Information:
Sync to 15.11 release ---- svxlink-14.08.1-3.fc21 - fix installed tmpfsfile
(#1266511) svxlink-14.08.1-3.fc22 - fix installed tmpfsfile (#1266511)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1266511 - Service file installed instead of the tmpfs configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1266511
--------------------------------------------------------------------------------
================================================================================
tilda-1.3.2-1.fc22 (FEDORA-2016-1ff66ff94d)
A Gtk based drop down terminal for Linux and Unix
--------------------------------------------------------------------------------
Update Information:
- update to 1.3.2 - fixes bug #1317285
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317285 - update 1.3.2
https://bugzilla.redhat.com/show_bug.cgi?id=1317285
--------------------------------------------------------------------------------
================================================================================
torbrowser-launcher-0.2.4-1.fc22 (FEDORA-2016-0429f34acd)
Tor Browser Bundle managing tool
--------------------------------------------------------------------------------
Update Information:
Fix signature verification bypass attack, reported by Jann Horn
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317324 - torbrowser-launcher-v0.2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317324
--------------------------------------------------------------------------------
================================================================================
upower-0.99.3-2.fc22 (FEDORA-2016-d4e6e32c1c)
Power Management Service
--------------------------------------------------------------------------------
Update Information:
This update fixes a crash when an unpaired iPhone is plugged in. It should also
fix access to a number of UPS devices.
--------------------------------------------------------------------------------
================================================================================
xpad-4.7.0-1.fc22 (FEDORA-2016-17bac3cde2)
Sticky notepad for GTK
--------------------------------------------------------------------------------
Update Information:
Update to 4.7.0. Fixes bugs: #1317140 and #1299088
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317140 - xpad-4.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1317140
[ 2 ] Bug #1299088 - XPad starts automatically at login (because it provides
/etc/xdg/autostart/xpad.desktop file)
https://bugzilla.redhat.com/show_bug.cgi?id=1299088
--------------------------------------------------------------------------------