The following Fedora 22 Security updates need testing:
Age URL
349
https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878
echoping-6.1-0.beta.r434svn.1.fc22
298
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185
ceph-deploy-1.5.25-1.fc22
231
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781
python-kdcproxy-0.3.2-1.fc22
185
https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22
173
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf
openstack-swift-2.2.0-6.fc22
143
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d
miniupnpc-1.9-6.fc22
125
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
125
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
107
https://bodhi.fedoraproject.org/updates/FEDORA-2015-3a5cebb105
ImageMagick-6.9.2.7-1.fc22
92
https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22
66
https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0
thttpd-2.25b-37.fc22
54
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
42
https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b
xdelta-3.0.7-7.fc22
31
https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494
mingw-nsis-2.50-1.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338a7e9925
graphite2-1.3.6-1.fc22
18
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765
python-pygments-2.1.3-1.fc22
14
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b40eb9e29
libecap-1.0.0-1.fc22 squid-3.5.10-1.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb7bdd7063
php-pecl-http-2.5.6-1.fc22
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f44e89fe0
python-tgcaptcha2-0.3.1-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1
openssh-6.9p1-11.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf
tomcat-7.0.68-3.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-161b73fc2c
bind99-9.9.8-4.P4.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4
bind-9.10.3-9.P4.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ddc8c5c950
seamonkey-2.40-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816
webkitgtk3-2.4.10-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9ec1850fff
webkitgtk-2.4.10-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-68b43a4e0d
webkitgtk4-2.10.9-1.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bfaf6a133b qemu-2.3.1-13.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cee7647200 git-2.4.11-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e
krb5-1.13.2-14.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-665c11ed92
libmaxminddb-1.1.5-1.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b91d895e5a
moodle-2.8.11-1.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e4c327b7 vtun-3.0.3-15.fc22
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dc3740c56e
apache-commons-collections-3.2.2-3.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
224
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22
143
https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f
libgphoto2-2.5.8-1.fc22
139
https://bodhi.fedoraproject.org/updates/FEDORA-2015-48f718ed1b vim-7.4.909-1.fc22
125
https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6
libpng-1.6.16-5.fc22
125
https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4
libpng-1.6.16-4.fc22
54
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c57c232c0
xulrunner-44.0-1.fc22
49
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3fce30d64
mobile-broadband-provider-info-1.20151214-1.fc22
31
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ce419c9cab
selinux-policy-3.13.1-128.28.fc22
23
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b03252507
rpm-4.12.0.1-16.fc22
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d5434d82f parted-3.2-16.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-364c0a9df4
bind-9.10.3-9.P4.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-11b32d067d
gtk2-2.24.30-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-76aa957f67
gnutls-3.3.22-1.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d339d610c1
openssh-6.9p1-11.fc22
11
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4072c51267 dracut-041-15.fc22
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4e6e32c1c
upower-0.99.3-2.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dbc09943ac
ca-certificates-2016.2.7-1.0.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4e719508d2 pcre-8.38-4.fc22
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-47c0adc816
webkitgtk3-2.4.10-1.fc22
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed99cb602e
krb5-1.13.2-14.fc22
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-33be675c57
firefox-45.0.1-2.fc22
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe22f37fba
hwdata-0.287-1.fc22
The following builds have been pushed to Fedora 22 updates-testing
apache-commons-collections-3.2.2-3.fc22
fedpkg-1.22-3.fc22
golang-github-coreos-pkg-0-0.6.git2c77715.fc22
golang-github-grpc-grpc-go-0-0.6.gitb88c12e.fc22
golang-github-olekukonko-tablewriter-0-0.2.gitcca8bbc.fc22
golang-github-russross-blackfriday-1.2-14.fc22
golang-github-shurcooL-sanitized_anchor_name-0-0.9.git10ef21a.fc22
golang-googlecode-goprotobuf-0-0.21.git6aaa8d4.fc22
golang-googlecode-net-0-0.31.git6acef71.fc22
kscreenlocker-5.5.5-2.fc22
libreoffice-4.4.7.2-5.fc22
man-pages-3.81-5.fc22
perl-DBD-SQLite-1.46-4.fc22
perl-Qt-0.96.0-14.fc22
php-horde-ingo-3.2.9-1.fc22
php-horde-turba-4.2.13-1.fc22
php-horde-wicked-2.0.5-1.fc22
php-sabre-xml-1.4.0-1.fc22
phpMyAdmin-4.6.0-1.fc22
plasma-systemsettings-5.5.5-2.fc22
python-aiohttp-0.21.5-1.fc22
python-behave-1.2.5-11.fc22
rpkg-1.43-1.fc22
tweak-3.02-1.fc22
uid_wrapper-1.2.1-1.fc22
Details about builds:
================================================================================
apache-commons-collections-3.2.2-3.fc22 (FEDORA-2016-dc3740c56e)
Provides new interfaces, implementations and utilities for Java Collections
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 3.2.2 which fixes serialization vulnerability
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316430 - Version 3.2.1 has a CVSS 10.0 vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1316430
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.22-3.fc22 (FEDORA-2016-afd32f1ad8)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
* new support for dist git namespacing * adds copr-build command
--------------------------------------------------------------------------------
================================================================================
golang-github-coreos-pkg-0-0.6.git2c77715.fc22 (FEDORA-2016-6a7ef7cf22)
A collection of go utility packages
--------------------------------------------------------------------------------
Update Information:
Update ---- Bump to upstream 42a8c3b1a6f917bb8346ef738f32712a7ca0ede7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250457 - Tracker for golang-github-coreos-pkg
https://bugzilla.redhat.com/show_bug.cgi?id=1250457
[ 2 ] Bug #1245958 - Review Request: golang-github-coreos-pkg - A collection of go
utility packages
https://bugzilla.redhat.com/show_bug.cgi?id=1245958
--------------------------------------------------------------------------------
================================================================================
golang-github-grpc-grpc-go-0-0.6.gitb88c12e.fc22 (FEDORA-2016-24e7c79eaa)
The Go language implementation of gRPC. HTTP/2 based RPC
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250461 - Tracker for golang-github-grpc-grpc-go
https://bugzilla.redhat.com/show_bug.cgi?id=1250461
--------------------------------------------------------------------------------
================================================================================
golang-github-olekukonko-tablewriter-0-0.2.gitcca8bbc.fc22 (FEDORA-2016-a1902abcf8)
ASCII table in golang
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1320304 - Tracker for golang-github-olekukonko-tablewriter
https://bugzilla.redhat.com/show_bug.cgi?id=1320304
--------------------------------------------------------------------------------
================================================================================
golang-github-russross-blackfriday-1.2-14.fc22 (FEDORA-2016-e8f66ea6e4)
Markdown processor implemented in Go
--------------------------------------------------------------------------------
Update Information:
Update ---- Update spec file to spec-2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday
https://bugzilla.redhat.com/show_bug.cgi?id=1222338
--------------------------------------------------------------------------------
================================================================================
golang-github-shurcooL-sanitized_anchor_name-0-0.9.git10ef21a.fc22
(FEDORA-2016-bafa882af5)
Package sanitized_anchor_name provides a func to create sanitized anchor names
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222336 - Tracker for golang-github-shurcooL-sanitized_anchor_name
https://bugzilla.redhat.com/show_bug.cgi?id=1222336
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goprotobuf-0-0.21.git6aaa8d4.fc22 (FEDORA-2016-d7088441b5)
Go support for Google protocol buffers
--------------------------------------------------------------------------------
Update Information:
Update ---- Bump to upstream 0f7a9caded1fb3c9cc5a9b4bcf2ff633cc8ae644
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1246113 - Tracker for golang-googlecode-goprotobuf
https://bugzilla.redhat.com/show_bug.cgi?id=1246113
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-net-0-0.31.git6acef71.fc22 (FEDORA-2016-7b02da028e)
Supplementary Go networking libraries
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1230677 - Tracker for golang-googlecode-net
https://bugzilla.redhat.com/show_bug.cgi?id=1230677
--------------------------------------------------------------------------------
================================================================================
kscreenlocker-5.5.5-2.fc22 (FEDORA-2016-93f6f1ba20)
Library and components for secure lock screen architecture
--------------------------------------------------------------------------------
Update Information:
Add Conflicts: plasma-workspace < 5.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1320499 - dnf upgrade from Fedora 21 to 22 fails due to conflicts between
plasma-workspace and kscreenlocker
https://bugzilla.redhat.com/show_bug.cgi?id=1320499
--------------------------------------------------------------------------------
================================================================================
libreoffice-4.4.7.2-5.fc22 (FEDORA-2016-42b5d8ffe7)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1318333 can't open xlsx document
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1318333 - can't open xlsx document
https://bugzilla.redhat.com/show_bug.cgi?id=1318333
--------------------------------------------------------------------------------
================================================================================
man-pages-3.81-5.fc22 (FEDORA-2016-2bab047f46)
Linux kernel and C library user-space interface documentation
--------------------------------------------------------------------------------
Update Information:
* backport changes in FTM requirements from version 4.05 * strftime.3: Note
which 'tm' fields are used to calculate each output string
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162218 - strftime(3) manpage should specify struct tm elements used/ignored
https://bugzilla.redhat.com/show_bug.cgi?id=1162218
[ 2 ] Bug #1083071 - manual pages document _BSD_SOURCE and _SVID_SOURCE feature macros
despite that they are deprecated
https://bugzilla.redhat.com/show_bug.cgi?id=1083071
--------------------------------------------------------------------------------
================================================================================
perl-DBD-SQLite-1.46-4.fc22 (FEDORA-2016-4deb64b3c1)
SQLite DBI Driver
--------------------------------------------------------------------------------
Update Information:
This release adapts to disabled FTS3 tokenizer in sqlite-3.11.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1309675 - perl-DBD-SQLite-1.50-1.fc24 FTBFS: t/43_fts3.t test fails
https://bugzilla.redhat.com/show_bug.cgi?id=1309675
--------------------------------------------------------------------------------
================================================================================
perl-Qt-0.96.0-14.fc22 (FEDORA-2016-27bf0fbc49)
Perl bindings for Qt
--------------------------------------------------------------------------------
Update Information:
This release fixes code generation with "puic4 -x" command.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1118240 - puic4 is broken: fix provided
https://bugzilla.redhat.com/show_bug.cgi?id=1118240
--------------------------------------------------------------------------------
================================================================================
php-horde-ingo-3.2.9-1.fc22 (FEDORA-2016-a448d08f33)
An email filter rules manager
--------------------------------------------------------------------------------
Update Information:
**ingo 3.2.9** * [mjr] Fix PHP deprecated warnings in unit test (PR #176,
Mathieu Parent). * [mjr] Honor 'date', 'echo', and 'ls' path
overrides (Bug
#14284). * [jan] Update Greek translation (Limperis Antonis). * [jan] Fix Oracle
compatibility (Bug #14262).
--------------------------------------------------------------------------------
================================================================================
php-horde-turba-4.2.13-1.fc22 (FEDORA-2016-18ac25d29a)
A web based address book
--------------------------------------------------------------------------------
Update Information:
**turba 4.2.13** * [mjr] Honor alternative_name mapping (Bug #14280). * [mjr]
Fix dealing with orphaned virtual address books. * [jan] Update Greek
translation (Limperis Antonis).
--------------------------------------------------------------------------------
================================================================================
php-horde-wicked-2.0.5-1.fc22 (FEDORA-2016-78ead7ca0f)
Wiki application
--------------------------------------------------------------------------------
Update Information:
**wicked 2.0.5** * [jan] Use access rules compatible with both Apache 2.2 and
2.4.
--------------------------------------------------------------------------------
================================================================================
php-sabre-xml-1.4.0-1.fc22 (FEDORA-2016-c8e6c54297)
XML library that you may not hate
--------------------------------------------------------------------------------
Update Information:
he sabre/xml library is a specialized XML reader and writer. Autoloader:
/usr/share/php/Sabre/Xml/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316912 - Review Request: php-sabre-xml - XML library that you may not hate
https://bugzilla.redhat.com/show_bug.cgi?id=1316912
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.6.0-1.fc22 (FEDORA-2016-282e0086b4)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
From upstream [Release
Notes](https://www.phpmyadmin.net/files/4.6.0/): Welcome
to phpMyAdmin 4.6.0, a regular maintenance release including over 60 new
features and bug fixes. Please note that this release ends support for old
versions of Microsoft Internet Explorer, which are no longer supported by
Microsoft. There is a new configuration directive,
$cfg['Servers'][$i]['ssl_verify'] which is useful in some cases with
self-signed
certificates. The ForceSSL and PmaAbsoluteUri configuration directives have been
removed (the functions of both of these should better be handled by the
webserver than the application). A complete list of new features and bugs that
have been fixed is available in the ChangeLog file or changelog.php included
with this release. A few highlights: * Allow setting routine-wise privileges *
UI for defining partitioning in create table window * Support JSON data type *
Editing partitions in table Structure * Copy results to clipboard * Reactivate
cut&paste possibility in print view * Display binary strings as text if they are
valid UTF-8 * Copy multiple tables to database * Show MySQL error messages in
user language * Add new configuration directive 'ssl_verify' for self-signed
certificates with mysqlnd and PHP >=5.6 * Remove ForceSSL and PmaAbsoluteUri
configuration directives (these are better handled by proper webserver
configuration) * Fixed several bugs relating to exporting, particularly with
DEFAULT and COMMENT fields There are many more improvements; please refer to
the ChangeLog for full details.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1320352 - phpMyAdmin-4.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1320352
--------------------------------------------------------------------------------
================================================================================
plasma-systemsettings-5.5.5-2.fc22 (FEDORA-2016-69f0123658)
KDE System Settings application
--------------------------------------------------------------------------------
Update Information:
Add Conflicts: kde-workspace < 5.0 to give extra depsolver hints on upgrades
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1268493 - dnf system upgrade fails due to conflict between
plasma-systemsettings.f22 kde-workspace.f21
https://bugzilla.redhat.com/show_bug.cgi?id=1268493
--------------------------------------------------------------------------------
================================================================================
python-aiohttp-0.21.5-1.fc22 (FEDORA-2016-83393afd92)
A Python HTTP client/server for asyncio
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version 0.21.5
--------------------------------------------------------------------------------
================================================================================
python-behave-1.2.5-11.fc22 (FEDORA-2016-9f2f951cca)
Tools for the behavior-driven development, Python style
--------------------------------------------------------------------------------
Update Information:
/usr/bin/behave belongs to python2 package still (#1319632)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1319632 - No executable with python-behave
https://bugzilla.redhat.com/show_bug.cgi?id=1319632
--------------------------------------------------------------------------------
================================================================================
rpkg-1.43-1.fc22 (FEDORA-2016-afd32f1ad8)
Utility for interacting with rpm+git packaging systems
--------------------------------------------------------------------------------
Update Information:
* new support for dist git namespacing * adds copr-build command
--------------------------------------------------------------------------------
================================================================================
tweak-3.02-1.fc22 (FEDORA-2016-354afa4ef5)
An efficient hex editor
--------------------------------------------------------------------------------
Update Information:
New version 3.02
--------------------------------------------------------------------------------
================================================================================
uid_wrapper-1.2.1-1.fc22 (FEDORA-2016-dfeafdcb7f)
A wrapper for privilege separation
--------------------------------------------------------------------------------
Update Information:
Update to version 1.2.1
--------------------------------------------------------------------------------