The following Fedora 36 Security updates need testing: Age URL 18 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6d2b6ad1a6 golang-1.18.9-1.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce7369b9ec GitPython-3.1.30-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved: Age URL 51 https://bodhi.fedoraproject.org/updates/FEDORA-2022-beaae40a8f python-rpmautospec-0.3.1-1.fc36 49 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ca291a78cf glibc-2.35-21.fc36 26 https://bodhi.fedoraproject.org/updates/FEDORA-2022-df7e4caec9 gnome-shell-42.7-1.fc36 mutter-42.7-1.fc36 14 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050 gdb-12.1-3.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a31f25c6a1 samba-4.16.8-1.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-9b30518993 linux-firmware-20221214-145.fc36 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6c29072a3 thunderbird-102.6.0-2.fc36 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7408b527a libksba-1.6.3-1.fc36 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a77cf04a0 libretls-3.7.0-1.fc36 netcat-1.219-2.fc36 rpki-client-8.2-3.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-df33e5ce57 kernel-6.0.16-200.fc36 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-319963375c edk2-20221117gitfff6d81270b5-9.fc36 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-0f7d9581f0 bash-5.2.15-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
ags-3.6.0.39-1.fc36 alerque-libertinus-fonts-7.040-1.fc36 atop-2.8.0-1.fc36 btrfs-progs-6.1.1-1.fc36 cockpit-machines-280-1.fc36 crun-1.7.2-3.fc36 dkms-3.0.10-1.fc36 fotoxx-23.0-1.fc36 golang-github-task-3.19.1-1.fc36 imagej-1.53v-1.fc36 kbrickbuster-22.12.0-2.fc36 libpcap-1.10.2-1.fc36 lprint-1.2.0-1.fc36 mingw-binutils-2.37-6.fc36 mkvtoolnix-73.0.0-1.fc36 nmh-1.8RC1-1.fc36 perl-Alien-ProtoBuf-0.09-17.fc36 php-cs-fixer-3.13.2-1.fc36 php-doctrine-datafixtures-1.5.4-1.fc36 php-phpseclib-2.0.41-1.fc36 php-twig2-2.15.4-1.fc36 protobuf-3.19.6-1.fc36 pypy-7.3.11-1.fc36 pypy3.8-7.3.11-1.3.8.fc36 python-dunamai-1.15.0-2.fc36 python-geotiler-0.14.7-1.fc36 python-poetry-dynamic-versioning-0.21.3-2.fc36 python-sklearn-nature-inspired-algorithms-0.11.0-3.fc36 qemu-6.2.0-17.fc36 rxvt-unicode-9.31-1.fc36 stratisd-3.4.4-1.fc36 tcpdump-4.99.2-1.fc36 usbrelay-1.1.2-1.fc36 whois-5.5.15-1.fc36 yarnpkg-1.22.19-2.fc36
Details about builds:
================================================================================ ags-3.6.0.39-1.fc36 (FEDORA-2023-653b94e9fb) Engine for creating and running videogames of adventure (quest) genre -------------------------------------------------------------------------------- Update Information:
* Various performance optimizations for both raw drawing and texture updates (Direct3D/OpenGL). (This will be mostly noticeable in high-resolution games.) * Fixed software renderer may have an unpainted black line at the bottom, if there's a GUI or Overlay positioned partially offscreen. * Fixed Parser.Said() could lead to a program crash in case there are space-separated words following the comma (e.g. "climb,get in bed"). -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Dominik Mierzejewski dominik@greysector.net - 3.6.0.39-1 - update to 3.6.0.39 (#2156072) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156072 - ags-3.6.0.39 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156072 --------------------------------------------------------------------------------
================================================================================ alerque-libertinus-fonts-7.040-1.fc36 (FEDORA-2023-ae17210666) The Libertinus Fonts project -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
* Wed Nov 30 2022 Jonny Heggheim hegjon@gmail.com - 7.040-1 - Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2149626 - Review Request: alerque-libertinus-fonts - The Libertinus Fonts project https://bugzilla.redhat.com/show_bug.cgi?id=2149626 --------------------------------------------------------------------------------
================================================================================ atop-2.8.0-1.fc36 (FEDORA-2023-95ae5a6266) An advanced interactive monitor to view the load on system and process level -------------------------------------------------------------------------------- Update Information:
2.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Gwyn Ciesla gwync@protonmail.com - 2.8.0-1 - 2.8.0 * Wed Dec 7 2022 Gwyn Ciesla gwync@protonmail.com - 2.7.1-4 - Include atopacctd man page * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156973 - atop-2.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156973 --------------------------------------------------------------------------------
================================================================================ btrfs-progs-6.1.1-1.fc36 (FEDORA-2023-fcfcd41adf) Userspace programs for btrfs -------------------------------------------------------------------------------- Update Information:
Update to revert breakage for consumers of libbtrfs headers and include merged fix for `btrfs subvolume list -u`. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Neal Gompa ngompa@fedoraproject.org - 6.1.1-1 - Update to 6.1.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157606 - update btrfs-progs to 6.1 breaks some builds https://bugzilla.redhat.com/show_bug.cgi?id=2157606 --------------------------------------------------------------------------------
================================================================================ cockpit-machines-280-1.fc36 (FEDORA-2023-50aba75526) Cockpit user interface for virtual machines -------------------------------------------------------------------------------- Update Information:
Automatic update for cockpit-machines-280-1.fc36. ##### **Changelog for cockpit-machines** ``` * Tue Jan 03 2023 Packit hello@packit.dev - 280-1 - Start using tabular fonts - Other UI fixes and improvements ``` -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Packit hello@packit.dev - 280-1 - Start using tabular fonts - Other UI fixes and improvements --------------------------------------------------------------------------------
================================================================================ crun-1.7.2-3.fc36 (FEDORA-2023-29cbac304f) OCI runtime written in C -------------------------------------------------------------------------------- Update Information:
crun: add gcrypt dependency -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Giuseppe Scrivano gscrivan@redhat.com 1.7.2-3 - crun: add gcrypt dependency --------------------------------------------------------------------------------
================================================================================ dkms-3.0.10-1.fc36 (FEDORA-2023-2dad1e2208) Dynamic Kernel Module Support Framework -------------------------------------------------------------------------------- Update Information:
Bugfixes. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Simone Caronni negativo17@gmail.com - 3.0.10-1 - Update to 3.0.10. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2153850 - there is no "version" field of modinfo nvidia-uvm, and the condition for judging whether the installed module is different from the tree is refer to the "version" https://bugzilla.redhat.com/show_bug.cgi?id=2153850 --------------------------------------------------------------------------------
================================================================================ fotoxx-23.0-1.fc36 (FEDORA-2023-32a6bc8f6b) Photo editor -------------------------------------------------------------------------------- Update Information:
23.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Gwyn Ciesla gwync@protonmail.com - 23.0-1 - 23.0 * Thu Nov 3 2022 Gwyn Ciesla gwync@protonmail.com - 22.41-1 - 22.41 * Tue Nov 1 2022 Gwyn Ciesla gwync@protonmail.com - 22.40-1 - 22.40 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2148613 - fotoxx-23.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2148613 --------------------------------------------------------------------------------
================================================================================ golang-github-task-3.19.1-1.fc36 (FEDORA-2023-6d7532194b) A task runner / simpler Make alternative written in Go -------------------------------------------------------------------------------- Update Information:
v3.19.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Mark E. Fuller mark.e.fuller@gmx.de 3.19.1-1 - v3.19.1 * Tue Dec 6 2022 Mark E. Fuller mark.e.fuller@gmx.de 3.19.0-1 - upgrade to v3.19.0, close rhbz#2151069 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157306 - golang-github-task-3.19.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157306 --------------------------------------------------------------------------------
================================================================================ imagej-1.53v-1.fc36 (FEDORA-2023-0f79749ac6) Image Processing and Analysis in Java -------------------------------------------------------------------------------- Update Information:
Update to 1.53v -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 29 2022 Benjamin A. Beasley code@musicinmybrain.net - 1.53v-1 - Update to 1.53v (close RHBZ#2121261) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2121261 - imagej-1.53.v is available https://bugzilla.redhat.com/show_bug.cgi?id=2121261 --------------------------------------------------------------------------------
================================================================================ kbrickbuster-22.12.0-2.fc36 (FEDORA-2023-d6668a5b6a) Destroy bricks with a ball -------------------------------------------------------------------------------- Update Information:
Update to 22.12.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 2 2023 Marc Deop marcdeop@fedoraproject.org - 22.12.0-2 - Bring back patch.sh (and modify it) - Use proper sources ( modified upstream with patch.sh) * Mon Jan 2 2023 Marc Deop marcdeop@fedoraproject.org - 22.12.0-1 - 22.12.0 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 18.08.3-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ libpcap-1.10.2-1.fc36 (FEDORA-2023-4095af1560) A system-independent interface for user-level packet capture -------------------------------------------------------------------------------- Update Information:
New versions of libpcap and tcpdump -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Michal Ruprich mruprich@redhat.com - 14:1.10.2-1 - New version 1.10.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157180 - tcpdump-4.99.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157180 [ 2 ] Bug #2157185 - libpcap-1.10.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157185 --------------------------------------------------------------------------------
================================================================================ lprint-1.2.0-1.fc36 (FEDORA-2023-9f9068ee9b) A Label Printer Application -------------------------------------------------------------------------------- Update Information:
2157610 - lprint-1.2.0 is available -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Zdenek Dohnal zdohnal@redhat.com - 1.2.0-1 - 2157610 - lprint-1.2.0 is available * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157610 - lprint-1.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157610 --------------------------------------------------------------------------------
================================================================================ mingw-binutils-2.37-6.fc36 (FEDORA-2023-11256597a8) Cross-compiled version of binutils for Win32 and Win64 environments -------------------------------------------------------------------------------- Update Information:
Backport fix for CVE-2022-4285. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Sandro Mani manisandro@gmail.com - 2.37-6 - Backport patch for CVE-2022-4285 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2152945 - CVE-2022-4285 mingw-binutils: binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2152945 --------------------------------------------------------------------------------
================================================================================ mkvtoolnix-73.0.0-1.fc36 (FEDORA-2023-30f93830fc) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information:
# Version 73.0.0 "25 or 6 to 4" 2023-01-02 ## New features and enhancements * mkvmerge: greatly enhanced the speed of Base64 decoding which is used used e.g. when reading pictures embedded in Ogg or FLAC files or for binary data inside XML chapter & tag files. Even small blocks of data could take unreasonably long. * mkvmerge: added support for reading HEVC/H.265 video from FLV containers. Implements #3466. ## Bug fixes * mkvmerge: splitting: fixed a typo in the string output in GUI mode regarding the timestamps before which splitting was done. See #3421. * MKVToolNix GUI: job output: after having run multiple jobs the "Clear output" functionality only reset the visible parts. However, using the "save output" function would also save the output generated before the user used "clear output". Now only the output after the last use of "clear output" is saved. Fixes #3438. * build system: when probing for the FLAC library the Ogg libraries will be linked with the compiled test program as well. This fixes detection if the `pkg-config` settings for FLAC don't list Ogg & the linker doesn't find the library automatically. Fixes #3439. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Dominik Mierzejewski dominik@greysector.net - 73.0.0-1 - update to 73.0.0 (#2157794) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157794 - mkvtoolnix-73.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157794 --------------------------------------------------------------------------------
================================================================================ nmh-1.8RC1-1.fc36 (FEDORA-2023-78e60a2423) A capable MIME-email-handling system with a command-line interface -------------------------------------------------------------------------------- Update Information:
With upstream 1.8-RC1. -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 1 2023 David Levine par.packager@gmail.com - 1.8RC1-1 - With upstream 1.8-RC1. * Wed Dec 7 2022 Florian Weimer fweimer@redhat.com - 1.7.1-19 - Backport patch from upstream to fix detection of _GNU_SOURCE * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.7.1-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ perl-Alien-ProtoBuf-0.09-17.fc36 (FEDORA-2022-15729fa33d) Find Protocol Buffers library -------------------------------------------------------------------------------- Update Information:
Selected notes from packaging changes and improvements: * 3.19.6 fixes CVE-2022-3171 * 3.19.5 fixes CVE-2022-1941 * License updated to SPDX * Unnecessary dependency on python3-six removed * Python extension is now the compiled C++ version, improving performance * All subpackages now have the license file or depend on something that does * The -vim subpackage now depends on vim-filesystem, no longer on vim-enhanced * Added a man page for protoc See [PR](https://src.fedoraproject.org/rpms/protobuf/pull-request/16) for more details. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Petr Pisar ppisar@redhat.com - 0.09-17 - Rebuild aginst protobuf-3.19.6 (bug #2152754) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1831350 - protobuf-21.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1831350 [ 2 ] Bug #2152754 - FailsToInstall perl-Alien-ProtoBuf: nothing provides pkgconfig(protobuf) = 3.19.4 after rebasing protobuf to 3.19.6 https://bugzilla.redhat.com/show_bug.cgi?id=2152754 --------------------------------------------------------------------------------
================================================================================ php-cs-fixer-3.13.2-1.fc36 (FEDORA-2023-afc7150346) PHP Coding Standards Fixer -------------------------------------------------------------------------------- Update Information:
**Version 3.13.2** * bug: Fix type error when using paths intersection mode (#6734) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Remi Collet remi@remirepo.net - 3.13.2-1 - update to 3.13.2 --------------------------------------------------------------------------------
================================================================================ php-doctrine-datafixtures-1.5.4-1.fc36 (FEDORA-2023-18f8395138) Data Fixtures for all Doctrine Object Managers -------------------------------------------------------------------------------- Update Information:
**Version 1.5.4** Static Analysis * 399: Fix doc blocks of nullable constructor parameters thanks to @derrabus * 389: Improve phpdoc types thanks to @BafS -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Remi Collet remi@remirepo.net - 1.5.4-1 - update to 1.5.4 --------------------------------------------------------------------------------
================================================================================ php-phpseclib-2.0.41-1.fc36 (FEDORA-2023-e30c8c9e62) PHP Secure Communications Library -------------------------------------------------------------------------------- Update Information:
**Version 2.0.41** - 2022-12-23 - fix for more PHP 8.2 deprecations (#1875) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Remi Collet remi@remirepo.net - 2.0.41-1 - update to 2.0.41 --------------------------------------------------------------------------------
================================================================================ php-twig2-2.15.4-1.fc36 (FEDORA-2023-23ba7fa2b7) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information:
**Version 2.15.4** (2022-12-27) * Fix optimizing closures callbacks * Add a better exception when getting an undefined constant via `constant` * Fix `if` nodes when outside of a block and with an empty body -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Remi Collet remi@remirepo.net - 2.15.4-1 - update to 2.15.4 --------------------------------------------------------------------------------
================================================================================ protobuf-3.19.6-1.fc36 (FEDORA-2022-15729fa33d) Protocol Buffers - Google's data interchange format -------------------------------------------------------------------------------- Update Information:
Selected notes from packaging changes and improvements: * 3.19.6 fixes CVE-2022-3171 * 3.19.5 fixes CVE-2022-1941 * License updated to SPDX * Unnecessary dependency on python3-six removed * Python extension is now the compiled C++ version, improving performance * All subpackages now have the license file or depend on something that does * The -vim subpackage now depends on vim-filesystem, no longer on vim-enhanced * Added a man page for protoc See [PR](https://src.fedoraproject.org/rpms/protobuf/pull-request/16) for more details. -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 7 2022 Benjamin A. Beasley code@musicinmybrain.net - 3.19.6-1 - Update to 3.19.6; fix CVE-2022-3171 * Wed Dec 7 2022 Benjamin A. Beasley code@musicinmybrain.net - 3.19.5-1 - Update to 3.19.5; fix CVE-2022-1941 * Sun Dec 4 2022 Benjamin A. Beasley code@musicinmybrain.net - 3.19.4-7 - Update License to SPDX - Improved handling of gtest sources - Update/correct gtest commit hash to match upstream - Simplify the Source0 URL with a macro - Drop manual dependency on python3-six, no longer needed - Drop obsolete python_provide macro - Drop python3_pkgversion macro - Update summary and description to refer to ���Python��� instead of ���Python 3��� - Re-enable compiled Python extension on Python 3.11 - Ensure all subpackages always have LICENSE, or depend on something that does - Remove obsolete ldconfig_scriptlets macros - The -vim subpackage now depends on vim-filesystem, no longer on vim-enhanced - Add a man page for protoc - Use a macro to avoid repeating the .so version, and improve .so globs -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1831350 - protobuf-21.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1831350 [ 2 ] Bug #2152754 - FailsToInstall perl-Alien-ProtoBuf: nothing provides pkgconfig(protobuf) = 3.19.4 after rebasing protobuf to 3.19.6 https://bugzilla.redhat.com/show_bug.cgi?id=2152754 --------------------------------------------------------------------------------
================================================================================ pypy-7.3.11-1.fc36 (FEDORA-2023-521864ae79) Python implementation with a Just-In-Time compiler -------------------------------------------------------------------------------- Update Information:
Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 30 2022 Miro Hron��ok mhroncok@redhat.com - 7.3.11-1 - Update to 7.3.11 - Fixes: rhbz#2147521 * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 7.3.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ pypy3.8-7.3.11-1.3.8.fc36 (FEDORA-2023-78b4ce2f23) Python 3.8 implementation with a Just-In-Time compiler -------------------------------------------------------------------------------- Update Information:
Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html Security fix for CVE-2022-37454, CVE-2022-45061. -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 30 2022 Miro Hron��ok mhroncok@redhat.com - 7.3.11-1.3.8 - Update to 7.3.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2140200 - CVE-2022-37454 XKCP: buffer overflow in the SHA-3 reference implementation https://bugzilla.redhat.com/show_bug.cgi?id=2140200 [ 2 ] Bug #2144072 - CVE-2022-45061 Python: CPU denial of service via inefficient IDNA decoder https://bugzilla.redhat.com/show_bug.cgi?id=2144072 --------------------------------------------------------------------------------
================================================================================ python-dunamai-1.15.0-2.fc36 (FEDORA-2023-a82781022d) Dynamic version generation -------------------------------------------------------------------------------- Update Information:
update to latest releases -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 26 2022 Benjamin A. Beasley code@musicinmybrain.net 1.15.0-2 - Add man pages * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 1.15.0-1 - Update to 1.15.0 (close RHBZ#2140491) * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 1.13.2-6 - Run tests in parallel * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 1.13.2-5 - Add missing BR on setuptools * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 1.13.2-4 - Confirm License is SPDX MIT --------------------------------------------------------------------------------
================================================================================ python-geotiler-0.14.7-1.fc36 (FEDORA-2023-740ea5ae55) GeoTiler is a library to create map using tiles from a map provider -------------------------------------------------------------------------------- Update Information:
Upgrade to 0.14.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.14.7-1 - Update to the latest upstream's release - Remove patch * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0.14.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 20 2022 Python Maint python-maint@redhat.com - 0.14.5-4 - Rebuilt for Python 3.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156929 - python-geotiler-0.14.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156929 --------------------------------------------------------------------------------
================================================================================ python-poetry-dynamic-versioning-0.21.3-2.fc36 (FEDORA-2023-a82781022d) Plugin for Poetry to enable dynamic versioning based on VCS tags -------------------------------------------------------------------------------- Update Information:
update to latest releases -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 26 2022 Benjamin A. Beasley code@musicinmybrain.net 0.21.3-2 - Add a trivial man page * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 0.21.3-1 - Update to 0.21.3 * Sun Dec 25 2022 Benjamin A. Beasley code@musicinmybrain.net 0.20.0-4 - Confirm License is SPDX MIT --------------------------------------------------------------------------------
================================================================================ python-sklearn-nature-inspired-algorithms-0.11.0-3.fc36 (FEDORA-2023-860c31a2da) Nature-inspired algorithms for scikit-learn -------------------------------------------------------------------------------- Update Information:
Upgrade to 0.11.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.11.0-3 - Enable tests * Tue Jan 3 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.11.0-2 - Remove obsolete macro * Tue Jan 3 2023 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.11.0-1 - Update to the latest upstream's release * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0.9.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jul 4 2022 Python Maint python-maint@redhat.com - 0.9.0-2 - Rebuilt for Python 3.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157945 - python-sklearn-nature-inspired-algorithms-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157945 --------------------------------------------------------------------------------
================================================================================ qemu-6.2.0-17.fc36 (FEDORA-2023-c8a60f6f80) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information:
ati-vga: out-of-bounds write in ati_2d_blt (CVE-2021-3638) (rhbz#1979882) qxl: qxl_phys2virt unsafe address translation (CVE-2022-4144) (rhbz#2148542) linux- user: default to -cpu max (rhbz#2121700) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Mauro Matteo Cascella mcascell@redhat.com - 2:6.2.0-17 - ati-vga: out-of-bounds write in ati_2d_blt (CVE-2021-3638) (rhbz#1979882) - qxl: qxl_phys2virt unsafe address translation (CVE-2022-4144) (rhbz#2148542) - linux-user: default to -cpu max (rhbz#2121700) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1979882 - CVE-2021-3638 qemu: ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979882 [ 2 ] Bug #2121700 - qemu-x86_64-static cannot run el9 binaries by default https://bugzilla.redhat.com/show_bug.cgi?id=2121700 [ 3 ] Bug #2148542 - CVE-2022-4144 qemu: QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2148542 --------------------------------------------------------------------------------
================================================================================ rxvt-unicode-9.31-1.fc36 (FEDORA-2023-8497329aab) Unicode version of rxvt -------------------------------------------------------------------------------- Update Information:
- New upstream version (9.31) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Robbie Harwood rharwood@redhat.com - 9.31-1 - New upstream version (9.31) * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 9.30-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 1 2022 Jitka Plesnikova jplesnik@redhat.com - 9.30-3 - Perl 5.36 rebuild --------------------------------------------------------------------------------
================================================================================ stratisd-3.4.4-1.fc36 (FEDORA-2023-1a723fc0d9) Daemon that manages block devices to create filesystems -------------------------------------------------------------------------------- Update Information:
Update to 3.4.4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Bryan Gurney bgurney@redhat.com - 3.4.4-1 - Update to 3.4.4 --------------------------------------------------------------------------------
================================================================================ tcpdump-4.99.2-1.fc36 (FEDORA-2023-4095af1560) A network traffic monitoring tool -------------------------------------------------------------------------------- Update Information:
New versions of libpcap and tcpdump -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Michal Ruprich mruprich@redhat.com - 14:4.99.2-1 - New version 4.99.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157180 - tcpdump-4.99.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157180 [ 2 ] Bug #2157185 - libpcap-1.10.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157185 --------------------------------------------------------------------------------
================================================================================ usbrelay-1.1.2-1.fc36 (FEDORA-2023-6d190e7fb2) A library and command line tool to control USB-connected relays based on hidapi -------------------------------------------------------------------------------- Update Information:
new package upload -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 2 2023 Mark E. Fuller mark.e.fuller@gmx.de 1.1.2-1 - new package upload -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2126785 - Review Request: usbrelay - USB-connected electrical relay control, based on hidapi https://bugzilla.redhat.com/show_bug.cgi?id=2126785 --------------------------------------------------------------------------------
================================================================================ whois-5.5.15-1.fc36 (FEDORA-2023-245bb1cb57) Improved WHOIS client -------------------------------------------------------------------------------- Update Information:
* Updated the .bd, .nz and .tv TLD servers. * Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers. * Updated the .ac.uk and .gov.uk SLD servers. * Recursion has been enabled for whois.nic.tv. * Updated the list of new gTLDs with four generic TLDs assigned in October 2013 which were missing due to a bug. * Removed 4 new gTLDs which are no longer active. * Added the Georgian translation, contributed by Temuri Doghonadze. * Updated the Finnish translation, contributed by Lauri Nurmi. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Petr Men����k pemensik@redhat.com - 5.5.15-1 - Update to 5.5.15 (#2156870) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156870 - whois-5.5.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156870 --------------------------------------------------------------------------------
================================================================================ yarnpkg-1.22.19-2.fc36 (FEDORA-2023-5c6f32db6f) Fast, reliable, and secure dependency management. -------------------------------------------------------------------------------- Update Information:
Update to 1.22.19. Backport patch for CVE-2021-35065 for bundled glob-parent. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Sandro Mani manisandro@gmail.com - 1.22.19-2 - Backport fix for CVE-2021-35065 for bundled glob-parent * Thu Dec 15 2022 Sandro Mani manisandro@gmail.com - 1.22.19-1 - Update to 1.22.19 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 1.22.17-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156648 - CVE-2021-35065 yarnpkg: glob-parent: Regular Expression Denial of Service [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2156648 [ 2 ] Bug #2156654 - CVE-2021-35065 yarnpkg: glob-parent: Regular Expression Denial of Service [fedora-37] https://bugzilla.redhat.com/show_bug.cgi?id=2156654 --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org