Fedora 22 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jun 10 19:22:08 UTC 2015
The following Fedora 22 Security updates need testing:
Age URL
62 https://admin.fedoraproject.org/updates/FEDORA-2015-5878/echoping-6.1-0.beta.r434svn.1.fc22
61 https://admin.fedoraproject.org/updates/FEDORA-2015-5948/asterisk-13.3.2-1.fc22
40 https://admin.fedoraproject.org/updates/FEDORA-2015-7329/drupal7-views-3.11-1.fc22
39 https://admin.fedoraproject.org/updates/FEDORA-2015-7383/python-keystonemiddleware-1.3.1-1.fc22
26 https://admin.fedoraproject.org/updates/FEDORA-2015-8196/rawstudio-2.1-0.1.20150511git983bda1.fc22
11 https://admin.fedoraproject.org/updates/FEDORA-2015-9110/fossil-1.33-1.fc22
11 https://admin.fedoraproject.org/updates/FEDORA-2015-9185/ceph-deploy-1.5.25-1.fc22
4 https://admin.fedoraproject.org/updates/FEDORA-2015-9431/filezilla-3.11.0.2-1.fc22
4 https://admin.fedoraproject.org/updates/FEDORA-2015-9528/armacycles-ad-0.2.8.3.3-1.fc22
4 https://admin.fedoraproject.org/updates/FEDORA-2015-9456/xen-4.5.0-10.fc22
4 https://admin.fedoraproject.org/updates/FEDORA-2015-9498/redis-2.8.21-1.fc22
1 https://admin.fedoraproject.org/updates/FEDORA-2015-9663/libwmf-0.2.8.4-43.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-5279/strongswan-5.3.2-1.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9692/squid-3.4.13-1.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9726/cups-2.0.3-1.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9712/kernel-4.0.5-300.fc22
The following Fedora 22 Critical Path updates have yet to be approved:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2015-9196/sendmail-8.15.1-5.fc22
11 https://admin.fedoraproject.org/updates/FEDORA-2015-9066/lorax-22.12-1.fc22
8 https://admin.fedoraproject.org/updates/FEDORA-2015-9342/perl-Curses-1.32-1.fc22
8 https://admin.fedoraproject.org/updates/FEDORA-2015-9341/openbox-3.6-1.fc22
4 https://admin.fedoraproject.org/updates/FEDORA-2015-9526/xorg-x11-drv-intel-2.99.917-11.20150603.fc22
1 https://admin.fedoraproject.org/updates/FEDORA-2015-9675/PackageKit-1.0.6-6.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9721/wpa_supplicant-2.4-2.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9726/cups-2.0.3-1.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9711/sane-backends-1.0.24-14.fc22
0 https://admin.fedoraproject.org/updates/FEDORA-2015-9694/livecd-tools-22.2-1.fc22
The following builds have been pushed to Fedora 22 updates-testing
cups-2.0.3-1.fc22
darktable-1.6.7-1.fc22
fido-pi-0-0.1.20150209git281e4d.fc22
gecode-4.4.0-1.fc22
gnome-boxes-3.16.2-3.fc22
gnome-directory-thumbnailer-0.1.6-1.fc22
gnome-online-accounts-3.16.3-1.fc22
golang-github-garyburd-redigo-0-0.1.git3e4727f.fc22
golang-googlecode-goauth2-0-0.8.hgb5adcc2.fc22
kernel-4.0.5-300.fc22
kmod-21-1.fc22
libinput-0.17.0-2.fc22
libsedml-0.3.0-8.20150422git235bb5.fc22
livecd-tools-22.2-1.fc22
lziprecover-1.17-1.fc22
mongo-cxx-driver-1.0.2-1.fc22
mujs-0-2.20150202gitc1ad1ba.fc22
mutt-1.5.23-8.fc22
openvpn-2.3.7-1.fc22
pakiti-3.0.1-1.fc22
patchutils-0.3.4-2.fc22
python-social-auth-0.2.10-1.fc22
qt5-qtbase-5.4.2-2.fc22
qt5-qtdeclarative-5.4.2-2.fc22
salt-2015.5.2-3.fc22
sane-backends-1.0.24-14.fc22
selinux-policy-3.13.1-128.1.fc22
squid-3.4.13-1.fc22
strongswan-5.3.2-1.fc22
syncevolution-1.5.1-1.fc22
tunir-0.6-2.fc22
vdsm-4.16.20-2.fc22
whois-5.2.9-1.fc22
wpa_supplicant-2.4-2.fc22
Details about builds:
================================================================================
cups-2.0.3-1.fc22 (FEDORA-2015-9726)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
New upstream bug-fix release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Jiri Popelka <jpopelka at redhat.com> - 1:2.0.3-1
- 2.0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1229979 - CVE-2015-1158 CVE-2015-1159 cups: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1229979
[ 2 ] Bug #1221641 - CVE-2015-1158 cups: incorrect string reference counting (VU#810572)
https://bugzilla.redhat.com/show_bug.cgi?id=1221641
[ 3 ] Bug #1221642 - CVE-2015-1159 cups: cross-site scripting flaw in CUPS web UI (VU#810572)
https://bugzilla.redhat.com/show_bug.cgi?id=1221642
--------------------------------------------------------------------------------
================================================================================
darktable-1.6.7-1.fc22 (FEDORA-2015-9728)
Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:
Minor update
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Germano Massullo <germano.massullo at gmail.com> - 1.6.7-1
- Corrected Darktable website in spec file
- Minor update
* Thu May 14 2015 Nils Philippsen <nils at redhat.com> - 1.6.6-2
- rebuild for lensfun-0.3.1
--------------------------------------------------------------------------------
================================================================================
fido-pi-0-0.1.20150209git281e4d.fc22 (FEDORA-2015-9731)
Protein identification in MS/MS proteomics
--------------------------------------------------------------------------------
Update Information:
- **New package**
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1226664 - Review Request: fido-pi - Protein identification in MS/MS proteomics
https://bugzilla.redhat.com/show_bug.cgi?id=1226664
--------------------------------------------------------------------------------
================================================================================
gecode-4.4.0-1.fc22 (FEDORA-2015-9741)
Generic constraint development environment
--------------------------------------------------------------------------------
Update Information:
Update gecode to 4.4.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 2 2015 Kalev Lember <kalevlember at gmail.com> - 4.3.3-3
- Rebuilt for GCC 5 C++11 ABI change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1228815 - upgrade gecode to 4.4.0
https://bugzilla.redhat.com/show_bug.cgi?id=1228815
--------------------------------------------------------------------------------
================================================================================
gnome-boxes-3.16.2-3.fc22 (FEDORA-2015-9715)
A simple GNOME 3 application to access remote or virtual systems
--------------------------------------------------------------------------------
Update Information:
Re-introduce libvirt-daemon-config-network dep (rhbz#1164492).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Zeeshan Ali <zeenix at redhat.com> - 3.16.2-3
- Re-introduce libvirt-daemon-config-network dep (rhbz#1164492).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164492 - Please drop libvirt 'default' network dependency for F21 GA
https://bugzilla.redhat.com/show_bug.cgi?id=1164492
--------------------------------------------------------------------------------
================================================================================
gnome-directory-thumbnailer-0.1.6-1.fc22 (FEDORA-2015-9745)
Thumbnailer for directories
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.6
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 9 2015 Yanko Kaneti <yaneti at declera.com> - 0.1.6-1
- Update to 0.1.6
--------------------------------------------------------------------------------
================================================================================
gnome-online-accounts-3.16.3-1.fc22 (FEDORA-2015-9707)
Single sign-on framework for GNOME
--------------------------------------------------------------------------------
Update Information:
Bug fixes for GNOME 3.16:
- Avoid NULL pointer dereference when EWS autodiscover fails
- Refresh credentials at startup and network changes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Debarshi Ray <rishi at fedoraproject.org> - 3.16.3-1
- Update to 3.16.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #875128 - Refresh credentials at startup and network changes
https://bugzilla.redhat.com/show_bug.cgi?id=875128
[ 2 ] Bug #1225702 - Avoid NULL pointer dereference when EWS autodiscover fails
https://bugzilla.redhat.com/show_bug.cgi?id=1225702
--------------------------------------------------------------------------------
================================================================================
golang-github-garyburd-redigo-0-0.1.git3e4727f.fc22 (FEDORA-2015-9697)
Go client for Redis
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1228795 - Review Request: golang-github-garyburd-redigo - Go client for Redis
https://bugzilla.redhat.com/show_bug.cgi?id=1228795
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-goauth2-0-0.8.hgb5adcc2.fc22 (FEDORA-2015-9748)
OAuth 2.0 for Go clients
--------------------------------------------------------------------------------
Update Information:
Add missing Provides
Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 jchaloup <jchaloup at redhat.com> - 0-0.8.hgb5adcc2
- Add missing Provides
related: #1227273
* Tue Jun 2 2015 jchaloup <jchaloup at redhat.com> - 0-0.7.hgb5adcc2
- Bump to upstream b5adcc2dcdf009d0391547edc6ecbaff889f5bb9
resolves: #1227273
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1227273 - Tracker for golang-googlecode-goauth2
https://bugzilla.redhat.com/show_bug.cgi?id=1227273
--------------------------------------------------------------------------------
================================================================================
kernel-4.0.5-300.fc22 (FEDORA-2015-9712)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream stable release, Linux v4.0.5. Wide variety of fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 8 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Linux v4.0.5
* Thu Jun 4 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Backport commit to fix block spew (rhbz 1226621)
- Add patch to fix SMT guests on POWER7 (rhbz 1227877)
- Add patch to turn of WC mmaps on i915 from airlied (rhbz 1226743)
* Wed Jun 3 2015 Laura Abbott <labbott at fedoraproject.org>
- Fix del_timer_sync in mwifiex
* Wed Jun 3 2015 Laura Abbott <labbott at fedoraproject.org>
- Drop that blasted firwmare warning until we get a real fix (rhbz 1133378)
* Wed Jun 3 2015 Laura Abbott <labbott at fedoraproject.org>
- Fix auditing of canonical mode (rhbz 1188695)
* Wed Jun 3 2015 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2015-1420 fhandle race condition (rhbz 1187534 1227417)
* Tue Jun 2 2015 Laura Abbott <labbott at fedoraproject.org>
- Fix fd_do_rw error (rhbz 1218882)
* Tue Jun 2 2015 Josh Boyer <jwboyer at fedoraproject.org>
- Fix middle button issues on external Lenovo keyboards (rhbz 1225563)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187534 - CVE-2015-1420 kernel: fs/fhandle.c race condition
https://bugzilla.redhat.com/show_bug.cgi?id=1187534
--------------------------------------------------------------------------------
================================================================================
kmod-21-1.fc22 (FEDORA-2015-9700)
Linux kernel module management utilities
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream kmod release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Josh Boyer <jwboyer at fedoraproject.org> - 21-1
- Update to verion 21
--------------------------------------------------------------------------------
================================================================================
libinput-0.17.0-2.fc22 (FEDORA-2015-9749)
Input device library
--------------------------------------------------------------------------------
Update Information:
Cap the minimum acceleration slowdown at 0.3 (#1227796)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Peter Hutterer <peter.hutterer at redhat.com> 0.17.0-2
- Cap the minimum acceleration slowdown at 0.3 (#1227796)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1227796 - No synaptics driver loaded
https://bugzilla.redhat.com/show_bug.cgi?id=1227796
--------------------------------------------------------------------------------
================================================================================
libsedml-0.3.0-8.20150422git235bb5.fc22 (FEDORA-2015-9735)
Library that fully supports SED-ML for SBML
--------------------------------------------------------------------------------
Update Information:
- **New package**
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177857 - Review Request: libsedml - Library that fully supports SED-ML for SBML
https://bugzilla.redhat.com/show_bug.cgi?id=1177857
--------------------------------------------------------------------------------
================================================================================
livecd-tools-22.2-1.fc22 (FEDORA-2015-9694)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
litd: All parted calls should use -s mode (#1195478) (bcl)
litd: Make sure device nodes have time to appear (bcl)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 8 2015 Brian C. Lane <bcl at redhat.com> 22.2-1
- Version 22.2 (bcl)
- litd: All parted calls should use -s mode (#1195478) (bcl)
- litd: Make sure device nodes have time to appear (bcl)
--------------------------------------------------------------------------------
================================================================================
lziprecover-1.17-1.fc22 (FEDORA-2015-9739)
Data recovery tool and decompressor for files in the lzip compressed format
--------------------------------------------------------------------------------
Update Information:
2015-05-28 Antonio Diaz Diaz <antonio at gnu.org>
* Version 1.17 released.
* New block selection algorithm makes merge up to 100 times faster.
* repair.cc: Repair time has been reduced by 15%.
* Added new option '-y, --debug-delay'.
* Added new option '-z, --debug-repair'.
* Makefile.in: Added new targets 'install*-compress'.
* testsuite/unzcrash.cc: Moved to top directory.
* lziprecover.texi: Added chapter 'File names'.
2014-08-29 Antonio Diaz Diaz <antonio at gnu.org>
* Version 1.16 released.
* New class LZ_mtester makes repair up to 10 times faster.
* main.cc (close_and_set_permissions): Behave like 'cp -p'.
* lziprecover.texinfo: Renamed to lziprecover.texi.
* License changed to GPL version 2 or later.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Jon Ciesla <limburgher at gmail.com> - 1.17-1
- 1.17, BZ 1228902.
* Sat May 2 2015 Kalev Lember <kalevlember at gmail.com> - 1.15-4
- Rebuilt for GCC 5 C++11 ABI change
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1228902 - lziprecover-1.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1228902
--------------------------------------------------------------------------------
================================================================================
mongo-cxx-driver-1.0.2-1.fc22 (FEDORA-2015-9706)
A legacy C++ Driver for MongoDB
--------------------------------------------------------------------------------
Update Information:
Upgrade to latest minor version 1.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 26 2015 Marek Skalicky <mskalick at redhat.com> - 1.0.2-1
- Upgrade to version 1.0.2
--------------------------------------------------------------------------------
================================================================================
mujs-0-2.20150202gitc1ad1ba.fc22 (FEDORA-2015-9746)
An embeddable Javascript interpreter
--------------------------------------------------------------------------------
Update Information:
MuJS is a lightweight Javascript interpreter designed for embedding in other software to extend them with scripting capabilities.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1219422 - Review Request: mujs - An embeddable Javascript interpreter
https://bugzilla.redhat.com/show_bug.cgi?id=1219422
--------------------------------------------------------------------------------
================================================================================
mutt-1.5.23-8.fc22 (FEDORA-2015-9742)
A text mode mail user agent
--------------------------------------------------------------------------------
Update Information:
Resolves #1227288
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 2 2015 Matej Muzila <mmuzila at redhat.com> - 5:1.5.23-8
- Resolves #1227288
- Do not send "From" header without the host part (eg. <foo@>)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1227288 - mutt sends e-mail with broken "From" header, which has no host part like <foo@>
https://bugzilla.redhat.com/show_bug.cgi?id=1227288
--------------------------------------------------------------------------------
================================================================================
openvpn-2.3.7-1.fc22 (FEDORA-2015-9709)
A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Jon Ciesla <limburgher at gmail.com> 2.3.7-1
- 2.3.7, BZ 1229504.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1229504 - openvpn-2.3.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1229504
--------------------------------------------------------------------------------
================================================================================
pakiti-3.0.1-1.fc22 (FEDORA-2015-9702)
Patching status monitoring tool
--------------------------------------------------------------------------------
Update Information:
Update to version 3.0.1 - bugzilla 1219337
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 8 2015 Adrien Devresse <adevress at cern.ch> - 3.0.1-1
- Update to version 3.0.1 - bugzilla 1219337
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1219337 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1219337
--------------------------------------------------------------------------------
================================================================================
patchutils-0.3.4-2.fc22 (FEDORA-2015-9724)
A collection of programs for manipulating patch files
--------------------------------------------------------------------------------
Update Information:
This update fixes a problem handling git-format patches for deleted files.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Tim Waugh <twaugh at redhat.com> - 0.3.4-2
- Fixed handling of delete-file diffs from git (bug #1226985).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1226985 - filterdiff breaks delete chunks
https://bugzilla.redhat.com/show_bug.cgi?id=1226985
--------------------------------------------------------------------------------
================================================================================
python-social-auth-0.2.10-1.fc22 (FEDORA-2015-9705)
Social auth made simple
--------------------------------------------------------------------------------
Update Information:
rebase to 0.2.10
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Jakub Dorňák <jdornak at redhat.com> - 0.2.10-1
- rebase to 0.2.10
* Wed Apr 1 2015 Jakub Dorňák <jdornak at redhat.com> - 0.2.3-1
- rebase to 0.2.3
* Tue Feb 24 2015 Jakub Dorňák <jdornak at redhat.com> - 0.2.2-1
- rebase to 0.2.2
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.4.2-2.fc22 (FEDORA-2015-9734)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
Rebase to latest SM patches (QTBUG-45484, QTBUG-46310)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 8 2015 Rex Dieter <rdieter at fedoraproject.org> 5.4.2-2
- rebase to latest SM patches (QTBUG-45484, QTBUG-46310)
--------------------------------------------------------------------------------
================================================================================
qt5-qtdeclarative-5.4.2-2.fc22 (FEDORA-2015-9718)
Qt5 - QtDeclarative component
--------------------------------------------------------------------------------
Update Information:
Restore patch for QTBUG-45753/kde-345544 lost in 5.4.2 rebase.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 8 2015 Rex Dieter <rdieter at fedoraproject.org> 5.4.2-2
- restore fix for QTBUG-45753/kde-345544 lost in 5.4.2 rebase
--------------------------------------------------------------------------------
================================================================================
salt-2015.5.2-3.fc22 (FEDORA-2015-9719)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Mark salt-ssh roster as a config file to prevent replacement
Update to bugfix release 2015.5.2
Add missing dependency on which (RH #1226636)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 4 2015 Erik Johnson <erik at saltstack.com> - 2015.5.2-3
- Mark salt-ssh roster as a config file to prevent replacement
* Thu Jun 4 2015 Erik Johnson <erik at saltstack.com> - 2015.5.2-2
- Update skipped tests
* Thu Jun 4 2015 Erik Johnson <erik at saltstack.com> - 2015.5.2-1
- Update to bugfix release 2015.5.2
* Mon Jun 1 2015 Erik Johnson <erik at saltstack.com> - 2015.5.1-2
- Add missing dependency on which (RH #1226636)
* Wed May 27 2015 Erik Johnson <erik at saltstack.com> - 2015.5.1-1
- Update to bugfix release 2015.5.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1226636 - salt-minion-2015.5.0 needs package 'which' installed
https://bugzilla.redhat.com/show_bug.cgi?id=1226636
--------------------------------------------------------------------------------
================================================================================
sane-backends-1.0.24-14.fc22 (FEDORA-2015-9711)
Scanner access software
--------------------------------------------------------------------------------
Update Information:
This update backports fixes for devices connected via USB3.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Nils Philippsen <nils at redhat.com> - 1.0.24-14
- reformat and rename snprintf-cleanroom patch
- backport USB3 xhci patch from upstream master (#1228954)
* Mon Jun 8 2015 Nils Philippsen <nils at redhat.com> - 1.0.24-14
- apply format-security patch, drop format-security2 patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1228954 - SnapScan 1212u: scanning is broken with I/O error.
https://bugzilla.redhat.com/show_bug.cgi?id=1228954
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-128.1.fc22 (FEDORA-2015-9714)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
Allow hypervkvp to read /dev/urandom and read addition states/config files.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Miroslav Grepl <mgrepl at redhat.com> 3.13.1-128
- Allow hypervkvp to read /dev/urandom and read addition states/config files.
- Add rpm_exec_t labeling for /usr/bin/dnf-automatic,/usr/bin/dnf-2 and /usr/bin/dnf-3.
- Allow puppetagent_t to transfer firewalld messages over dbus
- Add httpd_var_lib_t label for roundcubemail
- Allow mongod to work with configured SSSD.
- Allow sblim domain to read sysctls.
- Allow lsmd plugin to run with configured SSSD.
- Allow pkcs_slotd_t to communicate with sssd
- Allow rwho_t to communicate with sssd
- Allow isnsd_t to communicate with sssd
- Allow openvswitch_t to communicate with sssd
- Allow tmpreaper_t to manage ntp log content
- Allow cluster domain to dbus chat with systemd-logind.
- Allow pki-tomcat relabel pki_tomcat_etc_rw_t.
- Allow fowner capability for sssd because of selinux_child handling.
- ALlow bind to read/write inherited ipsec pipes.
- Allow radiusd to connect to radsec ports.
- Allow setuid/setgid for selinux_child.
- Allow lsmd plugin to connect to tcp/5988 by default.
- Allow lsmd plugin to connect to tcp/5989 by default.
- Allow ntlm_auth running in winbind_helper_t to access /dev/urandom.
- Add labeling for pacemaker.log.
- Allow hypervkvp to execute arping in own domain and make it as nsswitch domain.
- Use userdom_home_manager() for bacula_t.
- Add fixes to RHEL7 bacula policy
- Allow glusterd to have mknod capability. It creates a special file using mknod in a brick.
- Update rules related to glusterd_brick_t.
- Allow glusterd to execute lvm tools in the lvm_t target domain.
- Allow glusterd to execute xfs_growfs in the target domain.
- Allow sysctl to have running under hypervkvp_t domain.
- Allow smartdnotify to use user terminals.
- Allow pcp domains to create root.socket in /var/lip/pcp directroy.
- Allow NM to execute dnssec-trigger-script in dnssec_trigger_t domain.
- Allow rpcbind to create rpcbind.xdr as a temporary file.
- Allow dnssec-trigger connections to the system DBUS. It uses libnm-glib Python bindings.
- Allow hostapd net_admin capability. hostapd needs to able to set an interface flag.
- rsync server can be setup to send mail
- Make "ostree admin upgrade -r" command which suppose to upgrade the system and reboot working again. BZ(1225920)
- Fix samba_load_libgfapi decl in samba.te.
- Move ctdd_domtrans() from ctdbd to gluster.
- Allow smbd to access /var/lib/ctdb/persistent/secrets.tdb.0.
- Glusterd wants to manage samba config files if they are setup together.
- ALlow NM to do access check on /sys.
- Allow NetworkManager to keep RFCOMM connection for Bluetooth DUN open . Based on fixes from Lubomir Rintel.
- Allow NetworkManager nm-dispacher to read links.
- Allow gluster hooks scripts to transition to ctdbd_t.
- Allow glusterd to read/write samba config files.
- Update mysqld rules related to mysqld log files.
- Add fixes for hypervkvp realed to ifdown/ifup scripts.
- Update netlink_route_socket for ptp4l.
- Allow glusterd to connect to /var/run/dbus/system_bus_socket.
- ALlow glusterd to have sys_ptrace capability. Needed by gluster+samba configuration.
- Add new boolean samba_load_libgfapi to allow smbd load libgfapi from gluster. Allow smbd to read gluster config files by default.
- Allow gluster to transition to smbd. It is needed for smbd+gluster configuration.
- Allow glusterd to read /dev/random.
- Update nagios_run_sudo boolean to allow run chkpwd.
- Allow docker and container tools to control caps, don't rely on SELinux for now. Since there is no easy way for SELinux modification of policy as far as caps. docker run --cap-add will work now
- Allow sosreport to dbus chat with NM.
- Back port fixes for docker svirt_sandbox_domains
- Add ipsec_rw_inherited_pipes() interface.
- Allow ibus-x11 running as xdm_t to connect uder session buses. We already allow to connect to userdomains over unix_stream_socket.
- Label /usr/libexec/Xorg.wrap as xserver_exec_t.
- Allow systemd-networkd to bind dhcpc ports if DHCP=yes in *.network conf file.
- Allow systemd-networkd to bind dhcpc ports if DHCP=yes in *.network conf file.
- Fix labeling for /var/lib/glusterd/hooks.
- Add term_open_unallocated_ttys() interface.
- Add dev_access_check_sysfs() interface.
- Add sysnet_manage_dhcpc_pid() interface.
- Label all gluster hooks in /var/lib/gluster as bin_t. They are not created on the fly.
- Add sudo_manage_db() interface.
- Back port fixes for the docker types to be used by other domains
- Access required to run with unconfine.pp disabled
- Allow ABRT to read all proc types. It wants to read also dmesg_restrict. BZ(1227661)
* Tue May 19 2015 Lukas Vrabec <lvrabec at redhat.com> 3.13.1-127
- Allow docker dbus chat with firewalld. BZ(1221911)
- Allow anaconda to run iscsid in own domain. BZ(1220948).
- Add new iscsid_run() interface.
- Update nagios_run_sudo boolean.
- Allow rhsmcetd to use the ypbind service to access NIS services.
- Add nagios_run_pnp4nagios and nagios_run_sudo booleans to allow run sudo from NRPE utils scripts and allow run nagios in conjunction with PNP4Nagios.
- Allow ctdb to create rawip socket.
- Allow ctdbd to bind smbd port.
- Make ctdbd as userdom_home_reader.
- Dontaudit chrome-sandbox write access its parent process information. BZ(1220958)
- Fix missing bracket in apache.te.
- Fix httpd_use_openstack boolean related to keystone_read_pid.
- Allow net_admin cap for dnssec-trigger to make wifi reconnect working.
- Add support for /var/lib/ipsilon dir and label it as httpd_var_lib_t. BZ(1186046)
- Allow gluster rpm scripletto create glusterd socket with correct labeling. This is a workaround until we get fix in glusterd.
- Add glusterd_filetrans_named_pid() interface.
- Fix description for seutil_search_config() interface.
- make ssh-keygen as nsswitch domain to access SSSD.
- Label ctdb events scripts as bin_t.
- Add unconfined_dontaudit_write_state() interface.
- Add support for ~/.local/share/networkmanagement/certificates and update filename transitions rules. BZ(1215877)
- Fix selinux_search_fs() interface.
- Update selinux_search_fs(domain) rule to have ability to search /etc/selinuc/ to check if /etc/selinux/config exists. BZ(1219045)
- Add seutil_search_config() interface.
- Fix typo in systemd.te
- Add lvm_stream_connect() interface.
- Add support for /usr/sbin/lvmpolld.BZ(1220817)
- Allow gvfsd-fuse running as xdm_t to use /run/user/42/gvfs as mountpoint.BZ(1218137)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1225245 - SELinux is preventing hostapd from using the 'net_admin' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1225245
[ 2 ] Bug #1225920 - SELinux does not allow ostree to reboot after an upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1225920
[ 3 ] Bug #1227043 - SELinux is preventing pmdaroot from 'create' accesses on the sock_file root.socket.
https://bugzilla.redhat.com/show_bug.cgi?id=1227043
[ 4 ] Bug #1227110 - SELinux is preventing ibus-x11 from 'connectto' accesses on the unix_stream_socket @/tmp/dbus-xWGLPDBLvH.
https://bugzilla.redhat.com/show_bug.cgi?id=1227110
[ 5 ] Bug #1227128 - SELinux is preventing /usr/lib/systemd/systemd-networkd from name_bind access on the udp_socket port 68
https://bugzilla.redhat.com/show_bug.cgi?id=1227128
[ 6 ] Bug #1227239 - SELinux is preventing dnssec-trigger- from 'write' accesses on the sock_file system_bus_socket.
https://bugzilla.redhat.com/show_bug.cgi?id=1227239
[ 7 ] Bug #1227397 - SELinux is preventing NetworkManager from 'execute' accesses on the file dnssec-trigger-script.
https://bugzilla.redhat.com/show_bug.cgi?id=1227397
[ 8 ] Bug #1227399 - SELinux is preventing dnssec-trigger- from 'write' accesses on the sock_file private.
https://bugzilla.redhat.com/show_bug.cgi?id=1227399
[ 9 ] Bug #1227661 - please, allow abrtd to read /proc/sys/kernel/dmesg_restrict
https://bugzilla.redhat.com/show_bug.cgi?id=1227661
[ 10 ] Bug #1228489 - Fedora 22 net install sets /etc/passwd, /etc/group SELinux context to shadow_t
https://bugzilla.redhat.com/show_bug.cgi?id=1228489
[ 11 ] Bug #1226543 - SELinux AVCs with systemd-networkd
https://bugzilla.redhat.com/show_bug.cgi?id=1226543
--------------------------------------------------------------------------------
================================================================================
squid-3.4.13-1.fc22 (FEDORA-2015-9692)
The Squid proxy caching server
--------------------------------------------------------------------------------
Update Information:
Updated to version 3.4.13, which fixes CVE-2015-3455
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Luboš Uhliarik <luhliari at redhat.com> - 7:3.4.13-1
- new version 3.4.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218118 - CVE-2015-3455 squid: incorrect X509 server certificate validation (SQUID-2015:1)
https://bugzilla.redhat.com/show_bug.cgi?id=1218118
--------------------------------------------------------------------------------
================================================================================
strongswan-5.3.2-1.fc22 (FEDORA-2015-5279)
An OpenSource IPsec-based VPN and TNC solution
--------------------------------------------------------------------------------
Update Information:
New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.2
* Fri Jun 5 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.1
* Tue Mar 31 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1178956 - CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1178956
[ 2 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1228819
--------------------------------------------------------------------------------
================================================================================
syncevolution-1.5.1-1.fc22 (FEDORA-2015-9713)
SyncML client for evolution
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.1 upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Milan Crha <mcrha at redhat.com> - 1:1.5.1-1
- Update to 1.5.1
--------------------------------------------------------------------------------
================================================================================
tunir-0.6-2.fc22 (FEDORA-2015-9736)
An ultra light CI system
--------------------------------------------------------------------------------
Update Information:
Bringing in the tunir project.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1184446 - Review Request: tunir - An ultra light CI system
https://bugzilla.redhat.com/show_bug.cgi?id=1184446
--------------------------------------------------------------------------------
================================================================================
vdsm-4.16.20-2.fc22 (FEDORA-2015-9725)
Virtual Desktop Server Manager
--------------------------------------------------------------------------------
Update Information:
Fix libvirt-daemon requirement and raise release
vdsm tag 4.16.20
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
whois-5.2.9-1.fc22 (FEDORA-2015-9708)
Improved WHOIS client
--------------------------------------------------------------------------------
Update Information:
This release updates client identifier. It adds records for new generic TLDs azure., bbva., bible., fyi., homedepot., jll., mba., men., montblanc., sandvik., sandvikcoromant., ski., sncf., thd., walter., xbox., and 餐厅. It updates records for cr., and bn. TLDs.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 9 2015 Petr Pisar <ppisar at redhat.com> - 5.2.9-1
- 5.2.9 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1229339 - whois-5.2.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1229339
--------------------------------------------------------------------------------
================================================================================
wpa_supplicant-2.4-2.fc22 (FEDORA-2015-9721)
WPA/WPA2/IEEE 802.1X Supplicant
--------------------------------------------------------------------------------
Update Information:
This update rebases wpa_supplicant to version 2.4.
It fixes a problem with connecting to WEP Ad-Hoc networks.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222539 - cannot connect to ad-hoc WEP wifi
https://bugzilla.redhat.com/show_bug.cgi?id=1222539
--------------------------------------------------------------------------------
More information about the test
mailing list