The following Fedora 35 Security updates need testing:
Age URL
208
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9
libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35
200
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11
mysql-connector-java-8.0.28-1.fc35
33
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d7f95e65dd
booth-1.0-251.3.bfb2f92.git.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9
webkit2gtk3-2.36.7-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c
thunderbird-102.2.0-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fe1a4e3cf0
libtar-1.2.20-25.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-680ea95f71
tcpreplay-4.4.2-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-de968d1b6c
rubygem-puma-4.3.6-5.fc35
The following Fedora 35 Critical Path updates have yet to be approved:
Age URL
19
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bca7996d14
annobin-10.81-1.fc35
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4841fbd892
createrepo_c-0.20.1-1.fc35
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2eb835425a fedora-repos-35-4
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-48e82b4eda
dbus-broker-32-1.fc35
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-564484bcd4
twolame-0.4.0-1.fc35
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e4bd968e45
libreport-2.17.2-1.fc35
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ad62906a26
shadow-utils-4.9-10.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a3f9767d1 ndctl-74-1.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-52f71b625b
ethtool-5.19-1.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-19b61cd789
librepo-1.14.4-1.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-781669c384 glibc-2.34-41.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ada487682a
tzdata-2022c-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c
thunderbird-102.2.0-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9
webkit2gtk3-2.36.7-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3a75635d6a
kde-settings-35.2-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3c8a55de8c sssd-2.7.4-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f018f2c368 audit-3.0.9-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6f267b811 koji-1.30.0-1.fc35
The following builds have been pushed to Fedora 35 updates-testing
binutils-2.37-25.fc35
cinfo-0.4.9-1.fc35
credentials-fetcher-0.0.94-1.fc35
ddccontrol-db-20220829-1.fc35
eccodes-2.27.0-1.fc35
exim-4.96-2.fc35
freecad-0.20.1-1.fc35.1
insight-13.0.50.20220502-1.fc35
plasmatube-22.06-1.fc35
python-asn1-2.6.0-1.fc35
python-tabulate-0.8.10-1.fc35
quisk-4.2.3-1.fc35
redhat-rpm-config-202-1.fc35
strawberry-1.0.8-1.fc35
vim-pathogen-2.4-9.fc35
Details about builds:
================================================================================
binutils-2.37-25.fc35 (FEDORA-2022-e5a363e490)
A GNU collection of binary utilities
--------------------------------------------------------------------------------
Update Information:
Fixes warning when running strip on an object file (#2114597) ---- - Fixes
warning when running strip on an object file (#2114597) ---- - Add the
--package-metadata option to the linkers. (#2099999) ---- Fix building the
binutils for Risc64 and AArch64 ---- - Fix bug in binutils.spec file that was
causing the wrong linker flags to be used. - Change the ld man page so that it
says that --enable-new-dtags is the default. (#2090818) ---- Stop readelf
and objdump from unnecessarily following links. ---- Add support for
generating static PIE binaries for the s390x
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2022 Nick Clifton <nickc(a)redhat.com> - 2.37-25
- Fix problems running the linkers LTO testsuite. (#2117284)
* Wed Aug 10 2022 Yara Ahmad <yahmad(a)redhat.com> - 2.37-24
- Fixes warning when running strip on an object file (#2114597)
* Fri Aug 5 2022 Yara Ahmad <yahmad(a)redhat.com> - 2.37-23
- Add the --package-metadata option to the linkers. (#2099999)
* Wed Aug 3 2022 Yara Ahmad <yahmad(a)redhat.com> - 2.37-22
- Restore the use of --enable-64-bit-bfd for the AArch64 and riscv64 targets.
- Check and enable 64-bit bfd on aarch64 and riscv64.
* Thu Jun 30 2022 Nick Clifton <nickc(a)redhat.com> - 2.37-21
- Fix a problem honouring readelf's -wE and -wN command line options.
* Wed Jun 8 2022 Yara Ahmad <yahmad(a)redhat.com> - 2.37-20
- Fix bug in binutils.spec file that was causing the wrong linker flags to be used.
- Change the ld man page so that it says that --enable-new-dtags is the default.
(#2090818)
* Sat May 21 2022 Nick Clifton <nickc(a)redhat.comn> - 2.37-19
- Stop readelf and objdump from unnecessarily following links. (#2086863)
* Thu May 19 2022 Nick Clifton <nickc(a)redhat.comn> - 2.37-18
- Add support for generating static PIE binaries for s390x. (#2088331)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2086863 - readelf is trying to reach debuginfod remote server?
https://bugzilla.redhat.com/show_bug.cgi?id=2086863
--------------------------------------------------------------------------------
================================================================================
cinfo-0.4.9-1.fc35 (FEDORA-2022-3a8870a91d)
Fast and minimal system information tool
--------------------------------------------------------------------------------
Update Information:
update to 0.4.9 ---- initial package build
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Jonathan Wright <jonathan(a)almalinux.org> 0.4.9-1
- update to 0.4.9
- rhbz#2121986
* Sat Aug 20 2022 Jonathan Wright <jonathan(a)almalinux.org> 0.4.8-1
- Initial package build
- rhbz#2120002
--------------------------------------------------------------------------------
================================================================================
credentials-fetcher-0.0.94-1.fc35 (FEDORA-2022-a7bd44e159)
credentials-fetcher is a daemon that refreshes tickets or tokens periodically
--------------------------------------------------------------------------------
Update Information:
Initial package release for credentials fetcher
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 29 2022 Tom Callaway <spotaws(a)amazon.com> - 0.0.94-1
- systemd clean up
* Mon Aug 22 2022 Sai Kiran Akula <saakla(a)amazon.com> - 0.0.93
- Add validation for read metadata file and rpm install require openldap-clients
* Wed Aug 10 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.92
- Move binaries to standard Linux directories
- Add directory paths as configurable variables in cmake
- Generate systemd service file from cmake
* Sun Aug 7 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.91
- Relocate binary, library files and change permissions
* Sat Jul 30 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.90
- add ctests and bump revision to 0.0.90
* Thu Jul 28 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Add mono-based utf16 decoder
* Tue Jul 12 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Resolve rpath for Fedora and change macros
* Sat Jun 18 2022 Sai Kiran Akula <saakla(a)amazon.com> - 0.0.1
- Refactor cmake for all the directories
* Thu Jun 16 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Compile subdirectory into a shared library
* Wed Jun 15 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Add daemon infra
* Wed Jun 8 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Fixes to rpm spec
* Mon Jun 6 2022 Samiullah Mohammed <samiull(a)amazon.com> - 0.0.1
- Initial commit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2122345 - Review Request: credentials-fetcher - Daemon to allow Windows gMSA
accounts to be used in Linux
https://bugzilla.redhat.com/show_bug.cgi?id=2122345
--------------------------------------------------------------------------------
================================================================================
ddccontrol-db-20220829-1.fc35 (FEDORA-2022-c7e9292962)
DDC/CI control database for ddccontrol
--------------------------------------------------------------------------------
Update Information:
New version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 20220829-1
- New version
Resolves: rhbz#2122446
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
20220629-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jun 30 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 20220629-1
- New version
Resolves: rhbz#2102037
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2122446 - ddccontrol-db-20220829 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2122446
--------------------------------------------------------------------------------
================================================================================
eccodes-2.27.0-1.fc35 (FEDORA-2022-399f2a09e7)
WMO data format decoding and encoding
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream version 2.27.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 29 2022 Jos de Kloe <josdekloe(a)gmail.com> - 2.27.0-1
- Upgrade to upstream version 2.27.0
- Added generation of man pages for tools that support the --help option
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.26.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2121151 - eccodes-2.27.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2121151
--------------------------------------------------------------------------------
================================================================================
exim-4.96-2.fc35 (FEDORA-2022-1ca1d22165)
The exim mail transfer agent
--------------------------------------------------------------------------------
Update Information:
This is update of exim to fix CVE-2022-37451.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.96-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 28 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.96-1
- New version
Resolves: rhbz#2101104
* Mon May 30 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 4.95-4
- Perl 5.36 rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.95-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Nov 12 2021 Bj��rn Esser <besser82(a)fedoraproject.org> - 4.95-2
- Rebuild(libnsl2)
- Drop support for NISPLUS, as libnsl2 >= 2.0.0 does not support it anymore
* Mon Oct 4 2021 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.95-1
- New version
Resolves: rhbz#2008452
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 4.94.2-4
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2119782 - CVE-2022-37451 Exim: Exim before 4.96 has an invalid free in
pam_converse
https://bugzilla.redhat.com/show_bug.cgi?id=2119782
--------------------------------------------------------------------------------
================================================================================
freecad-0.20.1-1.fc35.1 (FEDORA-2022-8d9d83762f)
A general purpose 3D CAD modeler
--------------------------------------------------------------------------------
Update Information:
Rebuild of proper version for retagged upstream source.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Richard Shaw <hobbes1069(a)gmail.com> - 1:0.20.1-1.1
- Rebuild for retagged upstream source, fixes rhbz#2121671.
--------------------------------------------------------------------------------
================================================================================
insight-13.0.50.20220502-1.fc35 (FEDORA-2022-8e1df11a7a)
Graphical debugger based on GDB
--------------------------------------------------------------------------------
Update Information:
- New upstream snapshot. - Fixes CVE-2021-3826. - Disable deprecated declaration
warnings/errors. - Disable nonnull-compare warnings. - Patch
"symtab_no_format_overflow" to avoid a false positive format overflow
detection.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 2 2022 Patrick Monnerat <patrick(a)monnerat.net> 13.0.50.20220502-1
- New upstream snapshot.
- Disable deprecated declaration warnings/errors.
- Disable nonnull-compare warnings.
- Patch "symtab_no_format_overflow" to avoid a false positive format overflow
detection.
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
11.0.50.20201215-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2122627 - CVE-2021-3826 libiberty: Heap/stack buffer overflow in the
dlang_lname function in d-demangle.c
https://bugzilla.redhat.com/show_bug.cgi?id=2122627
--------------------------------------------------------------------------------
================================================================================
plasmatube-22.06-1.fc35 (FEDORA-2022-1a5c4181f0)
YouTube video player based on QtMultimedia and youtube-dl
--------------------------------------------------------------------------------
Update Information:
Plasmatube for F35
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 5 2022 Justin Zobel <justin(a)1707.io> - 22.04-1
- Update to 22.04
* Tue Mar 1 2022 Jusitn Zobel <justin(a)1707.io> - 22.02-1
- Update to 22.02
* Wed Dec 22 2021 Justin Zobel <justin(a)1707.io> - 21.12-1
- Initial version of package
--------------------------------------------------------------------------------
================================================================================
python-asn1-2.6.0-1.fc35 (FEDORA-2022-86199f4907)
Simple ASN.1 encoder and decoder for Python
--------------------------------------------------------------------------------
Update Information:
Initial import; Fixes: RHBZ#2121982
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> 2.6.0-1
- Initial import; Fixes: RHBZ#2121982
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2121982 - Review Request: python-asn1 - Simple ASN.1 encoder and decoder for
Python
https://bugzilla.redhat.com/show_bug.cgi?id=2121982
--------------------------------------------------------------------------------
================================================================================
python-tabulate-0.8.10-1.fc35 (FEDORA-2022-a2fff1cd5a)
Pretty-print tabular data in Python, a library and a command-line utility
--------------------------------------------------------------------------------
Update Information:
0.8.10: Python 3.10 support. Bug fixes. Column width parameter.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2022 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.8.10-1
- Update to 0.8.10 (close RHBZ#2099766)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2099766 - python-tabulate-0.8.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2099766
--------------------------------------------------------------------------------
================================================================================
quisk-4.2.3-1.fc35 (FEDORA-2022-8985f85ac3)
Software Defined Radio (SDR) software
--------------------------------------------------------------------------------
Update Information:
This is new version of quisk.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.2.3-1
- New version
Resolves: rhbz#2122301
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.2.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2122301 - quisk-4.2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2122301
--------------------------------------------------------------------------------
================================================================================
redhat-rpm-config-202-1.fc35 (FEDORA-2022-5c5e12d1bd)
Red Hat specific rpm configuration files
--------------------------------------------------------------------------------
Update Information:
Add new shell completions macros ``` %bash_completions_dir %{_datadir}/bash-
completion/completions %zsh_completions_dir %{_datadir}/zsh/site-functions
%fish_completions_dir %{_datadir}/fish/vendor_completions.d ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 8 2022 Maxwell G <gotmax(a)e.email> - 202-1
- Add macros.shell-completions
--------------------------------------------------------------------------------
================================================================================
strawberry-1.0.8-1.fc35 (FEDORA-2022-9e26b3b20a)
Audio player and music collection organizer
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.8:
https://github.com/strawberrymusicplayer/strawberry/releases/tag/1.0.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 29 2022 Ondrej Mosn����ek <omosnacek(a)gmail.com> 1.0.8-1
- Update to version 1.0.8
- Resolves: rhbz#2122307
--------------------------------------------------------------------------------
================================================================================
vim-pathogen-2.4-9.fc35 (FEDORA-2022-8d1809a617)
Manage your runtimepath
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 30 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> 2.4-9
- chore(update): Latest git snapshot
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.4-7.20210104gite0a3efb
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.4-6.20210104gite0a3efb
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------