The following Fedora 35 Security updates need testing: Age URL 208 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9 libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35 200 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 33 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d7f95e65dd booth-1.0-251.3.bfb2f92.git.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9 webkit2gtk3-2.36.7-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c thunderbird-102.2.0-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fe1a4e3cf0 libtar-1.2.20-25.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-680ea95f71 tcpreplay-4.4.2-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-de968d1b6c rubygem-puma-4.3.6-5.fc35
The following Fedora 35 Critical Path updates have yet to be approved: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-2022-bca7996d14 annobin-10.81-1.fc35 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-4841fbd892 createrepo_c-0.20.1-1.fc35 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2eb835425a fedora-repos-35-4 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-48e82b4eda dbus-broker-32-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-564484bcd4 twolame-0.4.0-1.fc35 8 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e4bd968e45 libreport-2.17.2-1.fc35 8 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ad62906a26 shadow-utils-4.9-10.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a3f9767d1 ndctl-74-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-52f71b625b ethtool-5.19-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-19b61cd789 librepo-1.14.4-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-781669c384 glibc-2.34-41.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ada487682a tzdata-2022c-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c thunderbird-102.2.0-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9 webkit2gtk3-2.36.7-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3a75635d6a kde-settings-35.2-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3c8a55de8c sssd-2.7.4-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-f018f2c368 audit-3.0.9-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6f267b811 koji-1.30.0-1.fc35
The following builds have been pushed to Fedora 35 updates-testing
binutils-2.37-25.fc35 cinfo-0.4.9-1.fc35 credentials-fetcher-0.0.94-1.fc35 ddccontrol-db-20220829-1.fc35 eccodes-2.27.0-1.fc35 exim-4.96-2.fc35 freecad-0.20.1-1.fc35.1 insight-13.0.50.20220502-1.fc35 plasmatube-22.06-1.fc35 python-asn1-2.6.0-1.fc35 python-tabulate-0.8.10-1.fc35 quisk-4.2.3-1.fc35 redhat-rpm-config-202-1.fc35 strawberry-1.0.8-1.fc35 vim-pathogen-2.4-9.fc35
Details about builds:
================================================================================ binutils-2.37-25.fc35 (FEDORA-2022-e5a363e490) A GNU collection of binary utilities -------------------------------------------------------------------------------- Update Information:
Fixes warning when running strip on an object file (#2114597) ---- - Fixes warning when running strip on an object file (#2114597) ---- - Add the --package-metadata option to the linkers. (#2099999) ---- Fix building the binutils for Risc64 and AArch64 ---- - Fix bug in binutils.spec file that was causing the wrong linker flags to be used. - Change the ld man page so that it says that --enable-new-dtags is the default. (#2090818) ---- Stop readelf and objdump from unnecessarily following links. ---- Add support for generating static PIE binaries for the s390x -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 11 2022 Nick Clifton nickc@redhat.com - 2.37-25 - Fix problems running the linkers LTO testsuite. (#2117284) * Wed Aug 10 2022 Yara Ahmad yahmad@redhat.com - 2.37-24 - Fixes warning when running strip on an object file (#2114597) * Fri Aug 5 2022 Yara Ahmad yahmad@redhat.com - 2.37-23 - Add the --package-metadata option to the linkers. (#2099999) * Wed Aug 3 2022 Yara Ahmad yahmad@redhat.com - 2.37-22 - Restore the use of --enable-64-bit-bfd for the AArch64 and riscv64 targets. - Check and enable 64-bit bfd on aarch64 and riscv64. * Thu Jun 30 2022 Nick Clifton nickc@redhat.com - 2.37-21 - Fix a problem honouring readelf's -wE and -wN command line options. * Wed Jun 8 2022 Yara Ahmad yahmad@redhat.com - 2.37-20 - Fix bug in binutils.spec file that was causing the wrong linker flags to be used. - Change the ld man page so that it says that --enable-new-dtags is the default. (#2090818) * Sat May 21 2022 Nick Clifton nickc@redhat.comn - 2.37-19 - Stop readelf and objdump from unnecessarily following links. (#2086863) * Thu May 19 2022 Nick Clifton nickc@redhat.comn - 2.37-18 - Add support for generating static PIE binaries for s390x. (#2088331) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2086863 - readelf is trying to reach debuginfod remote server? https://bugzilla.redhat.com/show_bug.cgi?id=2086863 --------------------------------------------------------------------------------
================================================================================ cinfo-0.4.9-1.fc35 (FEDORA-2022-3a8870a91d) Fast and minimal system information tool -------------------------------------------------------------------------------- Update Information:
update to 0.4.9 ---- initial package build -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Jonathan Wright jonathan@almalinux.org 0.4.9-1 - update to 0.4.9 - rhbz#2121986 * Sat Aug 20 2022 Jonathan Wright jonathan@almalinux.org 0.4.8-1 - Initial package build - rhbz#2120002 --------------------------------------------------------------------------------
================================================================================ credentials-fetcher-0.0.94-1.fc35 (FEDORA-2022-a7bd44e159) credentials-fetcher is a daemon that refreshes tickets or tokens periodically -------------------------------------------------------------------------------- Update Information:
Initial package release for credentials fetcher -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 29 2022 Tom Callaway spotaws@amazon.com - 0.0.94-1 - systemd clean up * Mon Aug 22 2022 Sai Kiran Akula saakla@amazon.com - 0.0.93 - Add validation for read metadata file and rpm install require openldap-clients * Wed Aug 10 2022 Samiullah Mohammed samiull@amazon.com - 0.0.92 - Move binaries to standard Linux directories - Add directory paths as configurable variables in cmake - Generate systemd service file from cmake * Sun Aug 7 2022 Samiullah Mohammed samiull@amazon.com - 0.0.91 - Relocate binary, library files and change permissions * Sat Jul 30 2022 Samiullah Mohammed samiull@amazon.com - 0.0.90 - add ctests and bump revision to 0.0.90 * Thu Jul 28 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Add mono-based utf16 decoder * Tue Jul 12 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Resolve rpath for Fedora and change macros * Sat Jun 18 2022 Sai Kiran Akula saakla@amazon.com - 0.0.1 - Refactor cmake for all the directories * Thu Jun 16 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Compile subdirectory into a shared library * Wed Jun 15 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Add daemon infra * Wed Jun 8 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Fixes to rpm spec * Mon Jun 6 2022 Samiullah Mohammed samiull@amazon.com - 0.0.1 - Initial commit -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2122345 - Review Request: credentials-fetcher - Daemon to allow Windows gMSA accounts to be used in Linux https://bugzilla.redhat.com/show_bug.cgi?id=2122345 --------------------------------------------------------------------------------
================================================================================ ddccontrol-db-20220829-1.fc35 (FEDORA-2022-c7e9292962) DDC/CI control database for ddccontrol -------------------------------------------------------------------------------- Update Information:
New version -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Jaroslav ��karvada jskarvad@redhat.com - 20220829-1 - New version Resolves: rhbz#2122446 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 20220629-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jun 30 2022 Jaroslav ��karvada jskarvad@redhat.com - 20220629-1 - New version Resolves: rhbz#2102037 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2122446 - ddccontrol-db-20220829 is available https://bugzilla.redhat.com/show_bug.cgi?id=2122446 --------------------------------------------------------------------------------
================================================================================ eccodes-2.27.0-1.fc35 (FEDORA-2022-399f2a09e7) WMO data format decoding and encoding -------------------------------------------------------------------------------- Update Information:
Upgrade to upstream version 2.27.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 29 2022 Jos de Kloe josdekloe@gmail.com - 2.27.0-1 - Upgrade to upstream version 2.27.0 - Added generation of man pages for tools that support the --help option * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 2.26.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2121151 - eccodes-2.27.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2121151 --------------------------------------------------------------------------------
================================================================================ exim-4.96-2.fc35 (FEDORA-2022-1ca1d22165) The exim mail transfer agent -------------------------------------------------------------------------------- Update Information:
This is update of exim to fix CVE-2022-37451. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 4.96-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jun 28 2022 Jaroslav ��karvada jskarvad@redhat.com - 4.96-1 - New version Resolves: rhbz#2101104 * Mon May 30 2022 Jitka Plesnikova jplesnik@redhat.com - 4.95-4 - Perl 5.36 rebuild * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 4.95-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Nov 12 2021 Bj��rn Esser besser82@fedoraproject.org - 4.95-2 - Rebuild(libnsl2) - Drop support for NISPLUS, as libnsl2 >= 2.0.0 does not support it anymore * Mon Oct 4 2021 Jaroslav ��karvada jskarvad@redhat.com - 4.95-1 - New version Resolves: rhbz#2008452 * Tue Sep 14 2021 Sahana Prasad sahana@redhat.com - 4.94.2-4 - Rebuilt with OpenSSL 3.0.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2119782 - CVE-2022-37451 Exim: Exim before 4.96 has an invalid free in pam_converse https://bugzilla.redhat.com/show_bug.cgi?id=2119782 --------------------------------------------------------------------------------
================================================================================ freecad-0.20.1-1.fc35.1 (FEDORA-2022-8d9d83762f) A general purpose 3D CAD modeler -------------------------------------------------------------------------------- Update Information:
Rebuild of proper version for retagged upstream source. -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Richard Shaw hobbes1069@gmail.com - 1:0.20.1-1.1 - Rebuild for retagged upstream source, fixes rhbz#2121671. --------------------------------------------------------------------------------
================================================================================ insight-13.0.50.20220502-1.fc35 (FEDORA-2022-8e1df11a7a) Graphical debugger based on GDB -------------------------------------------------------------------------------- Update Information:
- New upstream snapshot. - Fixes CVE-2021-3826. - Disable deprecated declaration warnings/errors. - Disable nonnull-compare warnings. - Patch "symtab_no_format_overflow" to avoid a false positive format overflow detection. -------------------------------------------------------------------------------- ChangeLog:
* Mon May 2 2022 Patrick Monnerat patrick@monnerat.net 13.0.50.20220502-1 - New upstream snapshot. - Disable deprecated declaration warnings/errors. - Disable nonnull-compare warnings. - Patch "symtab_no_format_overflow" to avoid a false positive format overflow detection. * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 11.0.50.20201215-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2122627 - CVE-2021-3826 libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c https://bugzilla.redhat.com/show_bug.cgi?id=2122627 --------------------------------------------------------------------------------
================================================================================ plasmatube-22.06-1.fc35 (FEDORA-2022-1a5c4181f0) YouTube video player based on QtMultimedia and youtube-dl -------------------------------------------------------------------------------- Update Information:
Plasmatube for F35 -------------------------------------------------------------------------------- ChangeLog:
* Thu May 5 2022 Justin Zobel justin@1707.io - 22.04-1 - Update to 22.04 * Tue Mar 1 2022 Jusitn Zobel justin@1707.io - 22.02-1 - Update to 22.02 * Wed Dec 22 2021 Justin Zobel justin@1707.io - 21.12-1 - Initial version of package --------------------------------------------------------------------------------
================================================================================ python-asn1-2.6.0-1.fc35 (FEDORA-2022-86199f4907) Simple ASN.1 encoder and decoder for Python -------------------------------------------------------------------------------- Update Information:
Initial import; Fixes: RHBZ#2121982 -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Davide Cavalca dcavalca@fedoraproject.org 2.6.0-1 - Initial import; Fixes: RHBZ#2121982 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2121982 - Review Request: python-asn1 - Simple ASN.1 encoder and decoder for Python https://bugzilla.redhat.com/show_bug.cgi?id=2121982 --------------------------------------------------------------------------------
================================================================================ python-tabulate-0.8.10-1.fc35 (FEDORA-2022-a2fff1cd5a) Pretty-print tabular data in Python, a library and a command-line utility -------------------------------------------------------------------------------- Update Information:
0.8.10: Python 3.10 support. Bug fixes. Column width parameter. -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 18 2022 Benjamin A. Beasley code@musicinmybrain.net - 0.8.10-1 - Update to 0.8.10 (close RHBZ#2099766) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2099766 - python-tabulate-0.8.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2099766 --------------------------------------------------------------------------------
================================================================================ quisk-4.2.3-1.fc35 (FEDORA-2022-8985f85ac3) Software Defined Radio (SDR) software -------------------------------------------------------------------------------- Update Information:
This is new version of quisk. -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Jaroslav ��karvada jskarvad@redhat.com - 4.2.3-1 - New version Resolves: rhbz#2122301 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 4.2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2122301 - quisk-4.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2122301 --------------------------------------------------------------------------------
================================================================================ redhat-rpm-config-202-1.fc35 (FEDORA-2022-5c5e12d1bd) Red Hat specific rpm configuration files -------------------------------------------------------------------------------- Update Information:
Add new shell completions macros ``` %bash_completions_dir %{_datadir}/bash- completion/completions %zsh_completions_dir %{_datadir}/zsh/site-functions %fish_completions_dir %{_datadir}/fish/vendor_completions.d ``` -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 8 2022 Maxwell G gotmax@e.email - 202-1 - Add macros.shell-completions --------------------------------------------------------------------------------
================================================================================ strawberry-1.0.8-1.fc35 (FEDORA-2022-9e26b3b20a) Audio player and music collection organizer -------------------------------------------------------------------------------- Update Information:
Update to version 1.0.8: https://github.com/strawberrymusicplayer/strawberry/releases/tag/1.0.8 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 29 2022 Ondrej Mosn����ek omosnacek@gmail.com 1.0.8-1 - Update to version 1.0.8 - Resolves: rhbz#2122307 --------------------------------------------------------------------------------
================================================================================ vim-pathogen-2.4-9.fc35 (FEDORA-2022-8d1809a617) Manage your runtimepath -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2022 Artem Polishchuk ego.cordatus@gmail.com 2.4-9 - chore(update): Latest git snapshot * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4-7.20210104gite0a3efb - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4-6.20210104gite0a3efb - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org