The following Fedora 37 Security updates need testing:
Age URL
15
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3b4c68d85d
golang-1.19.4-1.fc37
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a36ba48049
binwalk-2.3.3-1.fc37
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8146a727a8
GitPython-3.1.30-1.fc37
The following Fedora 37 Critical Path updates have yet to be approved:
Age URL
59
https://bodhi.fedoraproject.org/updates/FEDORA-2022-700705c81b
unbound-1.17.0-1.fc37
48
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a1bfac29ac
python-rpmautospec-0.3.1-1.fc37
37
https://bodhi.fedoraproject.org/updates/FEDORA-2022-26a1391176
annobin-10.93-1.fc37
22
https://bodhi.fedoraproject.org/updates/FEDORA-2022-28dc37634d
dnsmasq-2.88-1.fc37
19
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bf8feea173 lorax-37.10-1.fc37
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-16b288b12d git-2.39.0-1.fc37
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-106a8e01bc
tpm2-tss-3.2.1-1.fc37
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2bc7296765 clevis-18-14.fc37
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7edcc46973
thunderbird-102.6.0-2.fc37
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f6e640dd82
libretls-3.7.0-1.fc37 netcat-1.219-2.fc37 rpki-client-8.2-3.fc37
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-edda4c3b97
libpwquality-1.4.5-1.fc37
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3c0faf96b8
libqalculate-4.5.0-1.fc37 qalculate-gtk-4.5.0-1.fc37 qalculate-qt-4.5.0-1.fc37
The following builds have been pushed to Fedora 37 updates-testing
emacs-28.2-1.fc37
gi-docgen-2022.2-3.fc37
iwd-2.1-1.fc37
libell-0.55-1.fc37
magic-8.3.358-1.fc37
mame-0.251-1.fc37
mesa-22.3.2-1.fc37
mingw-filesystem-145-1.fc37
mmapper-22.12.1-1.fc37
python-dask-2022.12.1-1.fc37~bootstrap
rEFInd-0.13.3.1-5.fc37
rednotebook-2.29-1.fc37
unrealircd-6.0.5-1.fc37
waydroid-1.3.4-3.fc37
xfe-1.45-1.fc37
Details about builds:
================================================================================
emacs-28.2-1.fc37 (FEDORA-2022-d69c7f95a4)
GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:
Update to Emacs 28.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 1 2022 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 1:28.2-1
- New upstream release 28.2, fixes rhbz#2126048
- Add patch to fix CVE-2022-45939, fixes rhbz#2149381
- spawn native-compilation processes with -Q rhbz#2155824 (petersen)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2108993 - Latest Emacs update (28.1-2) hanging system
https://bugzilla.redhat.com/show_bug.cgi?id=2108993
[ 2 ] Bug #2109473 - When install emacs-common-ess, emacs crashes the system when it
starts.
https://bugzilla.redhat.com/show_bug.cgi?id=2109473
[ 3 ] Bug #2109717 - emacs (emacs-ess) freezes system
https://bugzilla.redhat.com/show_bug.cgi?id=2109717
[ 4 ] Bug #2109745 - emacs-ess spawn multiple processes with ... --batch -l
/tmp/emacs-async-comp-ess-custom-*.el
https://bugzilla.redhat.com/show_bug.cgi?id=2109745
[ 5 ] Bug #2138441 - i3-gaps-4.21.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2138441
[ 6 ] Bug #2149381 - CVE-2022-45939 emacs: ctags local command execution vulnerability
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2149381
[ 7 ] Bug #2155824 - emacs-ess spawn multiple processes with ... --batch -l
/tmp/emacs-async-comp-ess-custom-*.el
https://bugzilla.redhat.com/show_bug.cgi?id=2155824
--------------------------------------------------------------------------------
================================================================================
gi-docgen-2022.2-3.fc37 (FEDORA-2022-9fda3ae186)
Documentation tool for GObject-based libraries
--------------------------------------------------------------------------------
Update Information:
Use tomllib instated of deprecated python3-toml
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 30 2022 Miro Hron��ok <miro(a)hroncok.cz> 2022.2-3
- Use tomllib (tomli) instated of deprecated python3-toml
--------------------------------------------------------------------------------
================================================================================
iwd-2.1-1.fc37 (FEDORA-2022-6d4b84a256)
Wireless daemon for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 2.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Peter Robinson <pbrobinson(a)fedoraproject.org> - 2.1-1
- Update to 2.1
* Sun Nov 20 2022 Neal Gompa <ngompa(a)fedoraproject.org> - 2.0-2
- Properly remove files intended to be excluded from the package
--------------------------------------------------------------------------------
================================================================================
libell-0.55-1.fc37 (FEDORA-2022-6d4b84a256)
Embedded Linux library
--------------------------------------------------------------------------------
Update Information:
Update to 2.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2022 Peter Robinson <pbrobinson(a)fedoraproject.org> - 0.55-1
- Update to 0.55
--------------------------------------------------------------------------------
================================================================================
magic-8.3.358-1.fc37 (FEDORA-2022-ebec05738d)
A very capable VLSI layout tool
--------------------------------------------------------------------------------
Update Information:
New version 8.3.357 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 8.3.358-1
- 8.3.358
--------------------------------------------------------------------------------
================================================================================
mame-0.251-1.fc37 (FEDORA-2022-b8f2e6a1ba)
Multiple Arcade Machine Emulator
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release: *
https://www.mamedev.org/?p=520
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Julian Sikorski <belegdol(a)fedoraproject.org> 0.251-1
- Update to 0.251
--------------------------------------------------------------------------------
================================================================================
mesa-22.3.2-1.fc37 (FEDORA-2022-4fb6462602)
Mesa graphics libraries
--------------------------------------------------------------------------------
Update Information:
Update to 22.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Pete Walter <pwalter(a)fedoraproject.org> 22.3.2-1
- Update to 22.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2156967 - mesa-22.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2156967
--------------------------------------------------------------------------------
================================================================================
mingw-filesystem-145-1.fc37 (FEDORA-2022-4796d4b0d1)
MinGW cross compiler base filesystem and environment
--------------------------------------------------------------------------------
Update Information:
Fix mingw-find-lang.sh return code.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Sandro Mani <manisandro(a)gmail.com> - 145-1
- Fix mingw-find-lang.sh exit code
* Fri Dec 23 2022 Sandro Mani <manisandro(a)gmail.com> - 144-1
- Add mingw-qmake-qt6 macros, drop mingw-cmake-kde4 macros
--------------------------------------------------------------------------------
================================================================================
mmapper-22.12.1-1.fc37 (FEDORA-2022-4ca5d38ac8)
Graphical MUME mapper
--------------------------------------------------------------------------------
Update Information:
MMapper 22.12.1 release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Kalev Lember <klember(a)redhat.com> - 22.12.1-1
- Update to 22.12.1
--------------------------------------------------------------------------------
================================================================================
python-dask-2022.12.1-1.fc37~bootstrap (FEDORA-2022-141fe5f984)
Parallel PyData with Task Scheduling
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2022 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> 2022.12.1-1
- Update to latest version (#2154467)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2154467 - python-dask-2022.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2154467
--------------------------------------------------------------------------------
================================================================================
rEFInd-0.13.3.1-5.fc37 (FEDORA-2022-e0c2a374e6)
User friendly EFI boot manager
--------------------------------------------------------------------------------
Update Information:
Fix `refind-install` and auto-install the correct bootloader package per
architecture
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Neal Gompa <ngompa(a)fedoraproject.org> - 0.13.3.1-5
- Make sure rEFInd metapackage pulls in correct bootloader package (rhbz#2157177)
- Fix syntax error in refind-install caused by efi-size detection patch (rhbz#2157178)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2157177 - rEFInd dependencies installs the wrong architecture
https://bugzilla.redhat.com/show_bug.cgi?id=2157177
[ 2 ] Bug #2157178 - refind-install syntax error
https://bugzilla.redhat.com/show_bug.cgi?id=2157178
--------------------------------------------------------------------------------
================================================================================
rednotebook-2.29-1.fc37 (FEDORA-2022-253ea89ded)
Daily journal with calendar, templates and keyword searching
--------------------------------------------------------------------------------
Update Information:
New upstream version 2.29. ---- New upstream version 2.28.1. ---- New
upstream version 2.28.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 2.29-1
- New upstream version 2.29
* Thu Dec 29 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 2.28.1-1
- New upstream version 2.28.1
* Wed Dec 28 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 2.28-1
- New upstream version 2.28
--------------------------------------------------------------------------------
================================================================================
unrealircd-6.0.5-1.fc37 (FEDORA-2022-f282a4a044)
Open Source IRC server
--------------------------------------------------------------------------------
Update Information:
# UnrealIRCd 6.0.5 This release adds experimental JSON-RPC support, a new TLINE
command, logging to files has been improved and there are several other
enhancements. There are also two important changes: 1) servers that use
websockets now also need to load the "webserver" module (so you may need to
edit
your config file). 2) upstream now requires by default TLSv1.2 or higher and a
modern cipher for IRC clients. This should be no problem for clients using any
reasonably new SSL/TLS library (from 2014 or later). ## Enhancements *
Internally the websocket module has been split up into 3 modules:
`websocket_common`, `webserver` and `websocket`. The `websocket_common` one is
loaded by default via modules.default.conf, the other two are not.
**Important:** If you use websockets then you need to load two modules now
(instead of only one): ``` loadmodule "websocket"; loadmodule
"webserver";
``` * [
JSON-RPC](https://www.unrealircd.org/docs/JSON-RPC) API for UnrealIRCd.
This is work in progress. * New `TLINE` command to test *LINEs. This can be
especially useful for checking how many people match an [extended server
ban](https://www.unrealircd.org/docs/Extended_server_bans) such as `TLINE ~C:NL`
* When an IRCOp is outside the channel and does `MODE #channel` they will now
get to see the mode parameters too. This depends on the
`channel:see:mode:remote` [operclass
permission](https://www.unrealircd.org/docs/Operclass_permissions) which all
IRCOps have by default if you use the default operclasses. * [Logging to a
file](https://www.unrealircd.org/docs/Log_block) now creates a directory
structure if needed. * You could already use: ``` log { source {
!debug; all; } destination { file "ircd.%Y-%m-%d.log"; } } ``` * But now
you can also use: ``` log { source { !debug; all; } destination { file
"%Y-%m-%d/ircd.log"; } } ``` This is especially useful if you output to
multiple log files and then want them grouped by date in a directory. * Add
additional variables in
[
blacklist::reason](https://www.unrealircd.org/docs/Blacklist_block): *
`$blacklist`: name of the blacklist block * `$dnsname`: the
blacklist::dns::name * `$dnsreply`: the DNS reply code * Resolved technical
issue so opers can `REHASH` from [Websocket
connections](https://www.unrealircd.org/docs/WebSocket_support). * In the [TLD
block](https://www.unrealircd.org/docs/Tld_block) the use of `tld::motd` and
`tld::rules` is now optional. * Log which oper actually initiated a server link
request (`CONNECT`) ## Changes * SSL/TLS: By default upstream now requires
TLSv1.2 or later and a modern cipher with forward secrecy. Otherwise the
connection is refused. * Since UnrealIRCd 4.2.2 (March 2019) users see an on-
connect notice with a warning when they use an outdated TLS protocol or cipher
that does not meet these requirements. * This move also reflects the phase out
of versions below TLSv1.2 which happened in browsers in 2020/2021. * In
practice on the client-side this requires at least: * OpenSSL 1.0.1
(released in 2012) * GnuTLS 3.2.6 (2013) * Android 4.4.2 (2013) * Or
presumably any other SSL/TLS library that is not 9+ years old * If you want to
revert back to the previous less secure settings, then look under ''Previous
less secure setting'' in [TLS Ciphers and
protocols](https://www.unrealircd.org/docs/TLS_Ciphers_and_protocols). * The
code for handling [`set::anti-flood::everyone::connect-
flood`](https://www.unrealircd.org/docs/Anti-flood_settings#connect-flood) is
now in its own module `connect-flood`. This module is loaded by default, no
changes needed in your configuration file. * Similarly, [`set:max-unknown-
connections-per-ip`](https://www.unrealircd.org/docs/Set_block#set::max-u...
connections-per-ip) is now handled by the new module `max-unknown-connections-
per-ip`. This module is loaded by default as well, no changes needed in your
configuration file. * When timing out on the
[
authprompt](https://www.unrealircd.org/docs/Set_block#set::authentication-
prompt) module, the error (quit message) is now the original (ban) reason for
the prompt, instead of the generic `Registration timeout`. ## Fixes * Crash
when linking. This requires a certain sequence of events: first a server is
linked in successfully, then it needs to REHASH, and then a new link attempt has
to come in with the same server name (for example because there is a network
issue and the old link has not timed out yet). If all that happens, then an
UnreaIRCd 6 server may crash, but not always. * Warning message about moddata
creationtime when linking. * [Snomask
`+j`](https://www.unrealircd.org/docs/Snomasks) was not showing remote joins,
even though it did show remote parts and kicks. * Leak of 1 file descriptor per
/REHASH (the control socket). * Ban letters showing up twice in 005 EXTBAN= *
Setting [set::authentication-
prompt::enabled](https://www.unrealircd.org/docs/Set_block#set::authentic...
prompt) to `no` was ignored. The default is still `yes`. ## Developers and
protocol * Add `CALL_CMD_FUNC(cmd_func_name)` for calling commands in the same
module, see [this
commit](https://github.com/unrealircd/unrealircd/commit/dc55c3
ec9f19e5ed284e5a786f646d0e6bb60ef9). Benefit of this is that it will keep
working if we ever change command paramters. * Add
`CALL_NEXT_COMMAND_OVERRIDE()` which can be used instead of
`CallCommandOverride()`, see also [this
commit](https://github.com/unrealircd/un
realircd/commit/4e5598b6cf0986095f757f31a2540b03e4d235dc). This too, will keep
working if we ever change command parameters. * During loading and rehash we now
set `loop.config_status` to one of `CONFIG_STATUS_*` so modules (and core) can
see at what step we are during configuration file and module processing. * New
RPC API. See the `src/modules/rpc/` directory for examples. * New function
`get_nvplist(NameValuePrioList *list, const char *name)`
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Robert Scheck <robert(a)fedoraproject.org> 6.0.5-1
- Upgrade to 6.0.5 (#2151482)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2151482 - unrealircd-6.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2151482
--------------------------------------------------------------------------------
================================================================================
waydroid-1.3.4-3.fc37 (FEDORA-2022-9360cde92d)
Container-based approach to boot a full Android system on GNU/Linux
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 27 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.4-3
- Fix description typos etc.
- Validate desktop and metainfo files
- Reorder post install scriptlets
* Sun Dec 25 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.4-2
- Add selinux label to android rootfs
- Make package noarch
* Wed Dec 14 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.4-1
- Update to 1.3.4
* Sat Nov 5 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.3-3
- Override selinux context of the android rootfs
- Fixes
https://github.com/casualsnek/waydroid_script
* Sun Oct 30 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.3-2
- Add sepolicy for updating from the android app
* Sun Sep 25 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.3-1
- Update to 1.3.3
* Fri Sep 2 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.1-1
- Update to 1.3.1
* Tue Aug 9 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.3.0-1
- Update to 1.3.0
* Sun Apr 17 2022 Alessandro Astone <ales.astone(a)gmail.com> - 1.2.1-1
- Update to 1.2.1
* Mon Mar 7 2022 Alessandro Astone <ales.astone(a)gmail.com> -
1.2.0-7.20220307git1.2.0
- Recommend pyclip
* Sat Feb 26 2022 Alessandro Astone <ales.astone(a)gmail.com> -
1.2.0-5.20220226git1.2.0
- Add sepolicy for crash handler
* Fri Feb 25 2022 Alessandro Astone <ales.astone(a)gmail.com> -
1.2.0-4.20220225git1.2.0
- Respin package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2120119 - Review Request: waydroid - run android applications on wayland
https://bugzilla.redhat.com/show_bug.cgi?id=2120119
--------------------------------------------------------------------------------
================================================================================
xfe-1.45-1.fc37 (FEDORA-2022-056ee1762b)
X File Explorer File Manager
--------------------------------------------------------------------------------
Update Information:
New version 1.45 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 31 2022 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.45-1
- 1.45
--------------------------------------------------------------------------------