The following Fedora 22 Security updates need testing: Age URL 448 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5878 echoping-6.1-0.beta.r434svn.1.fc22 397 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9185 ceph-deploy-1.5.25-1.fc22 329 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12781 python-kdcproxy-0.3.2-1.fc22 284 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16239 nagios-4.0.8-1.fc22 272 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2d37e7dacf openstack-swift-2.2.0-6.fc22 241 https://bodhi.fedoraproject.org/updates/FEDORA-2015-9039c25f1d miniupnpc-1.9-6.fc22 224 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 224 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 191 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b9e4c97ff1 sos-3.2-2.fc22 165 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f683150aa0 thttpd-2.25b-37.fc22 141 https://bodhi.fedoraproject.org/updates/FEDORA-2016-560802e52b xdelta-3.0.7-7.fc22 130 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24d134e494 mingw-nsis-2.50-1.fc22 117 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3cbe9ad765 python-pygments-2.1.3-1.fc22 78 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 49 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a5867050 squid-3.5.10-4.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0fd6ca526a expat-2.1.1-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c52dcfe47 python3-3.4.2-8.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e37f15a5f4 python-2.7.10-10.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-99fbdc5c34 php-5.6.23-1.fc22 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b08d0b00fc php-pecl-zip-1.12.5-2.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-56ee5cb8b6 phpMyAdmin-4.6.3-1.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d18f993ab6 krb5-1.13.2-15.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-63ee0999e4 kernel-4.4.14-200.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-84373c5f4f xerces-c-3.1.4-1.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7615febbd6 mingw-xerces-c-3.1.4-1.fc22
The following Fedora 22 Critical Path updates have yet to be approved: Age URL 323 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13210 yum-3.4.3-508.fc22 241 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2123de044f libgphoto2-2.5.8-1.fc22 224 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6c07ab1fa6 libpng-1.6.16-5.fc22 224 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7dfbe09bb4 libpng-1.6.16-4.fc22 78 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a028331ebc poppler-0.30.0-4.fc22 75 https://bodhi.fedoraproject.org/updates/FEDORA-2016-027faabac4 libreport-2.6.4-2.fc22 abrt-2.6.1-11.fc22 73 https://bodhi.fedoraproject.org/updates/FEDORA-2016-af1f30412b pygtk2-2.24.0-14.fc22 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2cdb5d5a7c vim-7.4.1868-1.fc22 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4a2bc1983 mdadm-3.3.4-3.fc22 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-babda1429a thunderbird-45.1.1-2.fc22 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b1495a847 samba-4.2.12-1.fc22 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0fd6ca526a expat-2.1.1-2.fc22 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-18212502a4 pcre-8.39-2.fc22 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e37f15a5f4 python-2.7.10-10.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4204f66082 findutils-4.5.14-7.fc22 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d18f993ab6 krb5-1.13.2-15.fc22 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-63ee0999e4 kernel-4.4.14-200.fc22 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9311371c46 dmidecode-3.0-4.fc22 The following builds have been pushed to Fedora 22 updates-testing btrfs-sxbackup-0.6.9-1.fc22 dmidecode-3.0-4.fc22 fldigi-3.23.12-1.fc22 mingw-xerces-c-3.1.4-1.fc22 nfdump-1.6.15-2.fc22 perl-generators-1.06-2.fc22 xerces-c-3.1.4-1.fc22 Details about builds: ================================================================================ btrfs-sxbackup-0.6.9-1.fc22 (FEDORA-2016-1a1e1b66d1) Incremental btrfs snapshot backups with push/pull support via SSH -------------------------------------------------------------------------------- Update Information: Update to 0.6.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1347484 - btrfs-sxbackup-0.6.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1347484 [ 2 ] Bug #1350287 - btrfs-sxbackup-0.6.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1350287 -------------------------------------------------------------------------------- ================================================================================ dmidecode-3.0-4.fc22 (FEDORA-2016-9311371c46) Tool to analyse BIOS DMI data -------------------------------------------------------------------------------- Update Information: Package has been updated to the newest upstream one + off-a-tree patch -------------------------------------------------------------------------------- ================================================================================ fldigi-3.23.12-1.fc22 (FEDORA-2016-2e0c2b541e) Digital modem program for Linux -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346520 - fldigi-3.23.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1346520 -------------------------------------------------------------------------------- ================================================================================ mingw-xerces-c-3.1.4-1.fc22 (FEDORA-2016-7615febbd6) MingGW Windows validating XML parser -------------------------------------------------------------------------------- Update Information: MinGW cross compiled xerces-c 3.1.4, fixing CVE-2016-0729, CVE-2016-2099 and CVE-2016-4463 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1348845 - CVE-2016-4463 xerces-c: Stack overflow when parsing deeply nested DTD https://bugzilla.redhat.com/show_bug.cgi?id=1348845 [ 2 ] Bug #1310699 - CVE-2016-2099 xerces-c: Use-after-free in heap on specially crafted XML input https://bugzilla.redhat.com/show_bug.cgi?id=1310699 [ 3 ] Bug #1312231 - CVE-2016-0729 xerces-c: parser crashes on malformed input https://bugzilla.redhat.com/show_bug.cgi?id=1312231 -------------------------------------------------------------------------------- ================================================================================ nfdump-1.6.15-2.fc22 (FEDORA-2016-dd5a8e5948) NetFlow collecting and processing tools -------------------------------------------------------------------------------- Update Information: Remove superfluous debug output. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350764 - nfdump built with debug output enabled https://bugzilla.redhat.com/show_bug.cgi?id=1350764 -------------------------------------------------------------------------------- ================================================================================ perl-generators-1.06-2.fc22 (FEDORA-2016-c345d41682) RPM Perl dependencies generators -------------------------------------------------------------------------------- Update Information: Fixed regression in parsing of heredoc -------------------------------------------------------------------------------- References: [ 1 ] Bug #1351172 - perl.req gets exponentially slow in a certain scenario https://bugzilla.redhat.com/show_bug.cgi?id=1351172 -------------------------------------------------------------------------------- ================================================================================ xerces-c-3.1.4-1.fc22 (FEDORA-2016-84373c5f4f) Validating XML Parser -------------------------------------------------------------------------------- Update Information: Update to xerces-c 3.1.4, fixing CVE-2016-2099 and CVE-2016-4463 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1348845 - CVE-2016-4463 xerces-c: Stack overflow when parsing deeply nested DTD https://bugzilla.redhat.com/show_bug.cgi?id=1348845 [ 2 ] Bug #1310699 - CVE-2016-2099 xerces-c: Use-after-free in heap on specially crafted XML input https://bugzilla.redhat.com/show_bug.cgi?id=1310699 -------------------------------------------------------------------------------- -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@lists.fedoraproject.org
