The following Fedora 36 Security updates need testing: Age URL 19 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6d2b6ad1a6 golang-1.18.9-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce7369b9ec GitPython-3.1.30-1.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c8a60f6f80 qemu-6.2.0-17.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-11256597a8 mingw-binutils-2.37-6.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-78b4ce2f23 pypy3.8-7.3.11-1.3.8.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-5c6f32db6f yarnpkg-1.22.19-2.fc36
The following Fedora 36 Critical Path updates have yet to be approved: Age URL 52 https://bodhi.fedoraproject.org/updates/FEDORA-2022-beaae40a8f python-rpmautospec-0.3.1-1.fc36 50 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ca291a78cf glibc-2.35-21.fc36 27 https://bodhi.fedoraproject.org/updates/FEDORA-2022-df7e4caec9 gnome-shell-42.7-1.fc36 mutter-42.7-1.fc36 16 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050 gdb-12.1-3.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6c29072a3 thunderbird-102.6.0-2.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7408b527a libksba-1.6.3-1.fc36 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a77cf04a0 libretls-3.7.0-1.fc36 netcat-1.219-2.fc36 rpki-client-8.2-3.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fcfcd41adf btrfs-progs-6.1.1-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c8a60f6f80 qemu-6.2.0-17.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-245bb1cb57 whois-5.5.15-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-4095af1560 libpcap-1.10.2-1.fc36 tcpdump-4.99.2-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-319963375c edk2-20221117gitfff6d81270b5-9.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-0f7d9581f0 bash-5.2.15-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
bear-factory-0.7.0-0.39.20200220git2a78522.fc36 bemenu-0.6.14-1.fc36 cacti-1.2.23-1.fc36 cacti-spine-1.2.23-1.fc36 container-selinux-2.197.0-1.fc36 containers-common-1-65.fc36 coreutils-9.0-9.fc36 dovecot-2.3.20-1.fc36 erlang-24.3.4.7-1.fc36 filezilla-3.62.2-1.fc36 gscan2pdf-2.13.1-1.fc36 hamlib-4.5.3-1.fc36 hwdata-0.366-1.fc36 imhex-1.26.0-1.fc36 kernel-6.0.17-200.fc36 kweather-22.11-2.fc36 libfilezilla-0.40.0-1.fc36 lighttpd-1.4.68-1.fc36 mbedtls-2.28.2-1.fc36 media-downloader-2.8.0-1.fc36 mozilla-noscript-11.4.14-1.fc36 mozilla-privacy-badger-2022.9.27-1.fc36 newsboat-2.30.1-1.fc36 osbuild-75-1.fc36 packit-0.65.2-1.fc36 php-8.1.14-1.fc36 powdertoy-97.0.352-1.fc36 pypy3.9-7.3.11-1.3.9.fc36 python-identify-2.5.12-1.fc36 python-whois-0.9.21-1.fc36 stellarium-1.2-1.fc36 timeline-2.8.0-1.fc36 tokodon-23.01.0-2.fc36 tuxpaint-0.9.28-4.fc36 ufdbGuard-1.35.4-1.fc36 wabt-1.0.32-1.fc36
Details about builds:
================================================================================ bear-factory-0.7.0-0.39.20200220git2a78522.fc36 (FEDORA-2023-38fd56a95c) Game engine and editors dedicated to creating great 2D games -------------------------------------------------------------------------------- Update Information:
Rebuild with wxWidgets 3.2 -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 12 2022 Scott Talbert swt@techie.net - 0.7.0-0.39.20200220git2a78522 - Rebuild with wxWidgets 3.2 --------------------------------------------------------------------------------
================================================================================ bemenu-0.6.14-1.fc36 (FEDORA-2023-0e654eea01) Dynamic menu library and client program inspired by dmenu -------------------------------------------------------------------------------- Update Information:
Update to version 0.6.14. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Jan Stan��k jstanek@redhat.com 0.6.14-1 - Update to version 0.6.14 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2154167 - bemenu-0.6.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2154167 --------------------------------------------------------------------------------
================================================================================ cacti-1.2.23-1.fc36 (FEDORA-2023-d4085a681f) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information:
- Update to 1.2.23 - CVE-46169 Release notes: https://www.cacti.net/info/changelog/1.2.23 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Morten Stevens mstevens@fedoraproject.org - 1.2.23-1 - Update to 1.2.23 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2151572 - CVE-2022-46169 cacti: unauthenticated command injection https://bugzilla.redhat.com/show_bug.cgi?id=2151572 --------------------------------------------------------------------------------
================================================================================ cacti-spine-1.2.23-1.fc36 (FEDORA-2023-d4085a681f) Threaded poller for Cacti written in C -------------------------------------------------------------------------------- Update Information:
- Update to 1.2.23 - CVE-46169 Release notes: https://www.cacti.net/info/changelog/1.2.23 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Morten Stevens mstevens@fedoraproject.org - 1.2.23-1 - Update to 1.2.23 * Tue Dec 13 2022 Florian Weimer fweimer@redhat.com - 1.2.22-2 - Port configure script to C99 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2151572 - CVE-2022-46169 cacti: unauthenticated command injection https://bugzilla.redhat.com/show_bug.cgi?id=2151572 --------------------------------------------------------------------------------
================================================================================ container-selinux-2.197.0-1.fc36 (FEDORA-2023-28e06b8c63) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information:
bump to v2.197.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Lokesh Mandvekar lsm5@fedoraproject.org 2:2.197.0-1 - bump to v2.197.0 --------------------------------------------------------------------------------
================================================================================ containers-common-1-65.fc36 (FEDORA-2023-0250bbcd04) Common configuration and documentation for containers -------------------------------------------------------------------------------- Update Information:
Add /etc/containers/systemd and /usr/share/containers/systemd dirs -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Alexander Larsson alexl@redhat.com 4:1-65 - Add /etc/containers/systemd and /usr/share/containers/systemd dirs * Wed Jan 4 2023 Daniel J Walsh dwalsh@redhat.com 4:1-64 - Change container-selinux to a recommends * Wed Jan 4 2023 Lokesh Mandvekar lsm5@fedoraproject.org 4:1-63 - install RPM-GPG-KEY-redhat-release only on fedora and centos environments --------------------------------------------------------------------------------
================================================================================ coreutils-9.0-9.fc36 (FEDORA-2023-d482999900) A set of basic GNU tools commonly used in shell scripts -------------------------------------------------------------------------------- Update Information:
- basic support for checking NFSv4 ACLs (#2137866) -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 2 2023 Kamil Dudka kdudka@redhat.com - 9.0-9 - basic support for checking NFSv4 ACLs (#2137866) --------------------------------------------------------------------------------
================================================================================ dovecot-2.3.20-1.fc36 (FEDORA-2023-545f12d613) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information:
dovecot updated to 2.3.20, pigeonhole to 0.5.20 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 2 2023 Michal Hlavinka mhlavink@redhat.com - 1:2.3.20-1 - updated to 2.3.20, pigeonhole to 0.5.20 * Mon Jan 2 2023 Florian Weimer fweimer@redhat.com - 1:2.3.19.1-8 - Port configure script to C99 * Sat Dec 31 2022 Pete Walter pwalter@fedoraproject.org - 1:2.3.19.1-7 - Rebuild for ICU 72 --------------------------------------------------------------------------------
================================================================================ erlang-24.3.4.7-1.fc36 (FEDORA-2023-615452a8de) General-purpose programming language and runtime environment -------------------------------------------------------------------------------- Update Information:
Erlang ver. 24.3.4.7 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Peter Lemenkov lemenkov@gmail.com - 24.3.4.7-1 - Ver. 24.3.4.7 --------------------------------------------------------------------------------
================================================================================ filezilla-3.62.2-1.fc36 (FEDORA-2023-469a4bc0f0) FTP, FTPS and SFTP client -------------------------------------------------------------------------------- Update Information:
Filezilla 3.62.2, libfilezilla 0.40.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 3.62.2-1 - 3.62.2 * Fri Jul 22 2022 Gwyn Ciesla gwync@protonmail.com - 3.60.2-1 - 3.60.2 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 3.60.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jul 20 2022 Gwyn Ciesla gwync@protonmail.com - 3.60.1-3 - libfilezilla rebuild * Tue Jul 12 2022 Gwyn Ciesla gwync@protonmail.com - 3.60.1-2 - libfilezilla rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157590 - Update FileZilla to 3.62.2 https://bugzilla.redhat.com/show_bug.cgi?id=2157590 --------------------------------------------------------------------------------
================================================================================ gscan2pdf-2.13.1-1.fc36 (FEDORA-2023-684b5f60fc) GUI for producing a multipage PDF from a scan -------------------------------------------------------------------------------- Update Information:
This release fixes handling symbolic links to TIFF files. It also updates Hungarian translation. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Petr Pisar ppisar@redhat.com - 2.13.1-1 - 2.13.1 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2154415 - gscan2pdf-2.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2154415 --------------------------------------------------------------------------------
================================================================================ hamlib-4.5.3-1.fc36 (FEDORA-2023-02b17ef538) Run-time library to control radio transceivers and receivers -------------------------------------------------------------------------------- Update Information:
Version 4.5.2 2022-12-23 * Fix PowerSDR ability to do commands while powered off * Fix TX-500 operations * Fix FTDX5000 to return to MIC input on closing * Fix rig.c calling rig_get_mode when backend does not have get_mode * Fix kenwood_ts890_get_level * Add Prosistel D elevation CBOX az to fix problem with azimuth control * Fix FT736R gpredict usage by adding cached get_freq * Fix get_powerstat problem with Log4OM/Flex and others * Fix -R option to not need argument * Fix -R option to close rig on last rigctld client disconnect * Add FTDX1200 to rigs that need to ensure PTT is off before changing frequency * Add --disable-parallel configure option for mingw builds on Linux -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 1 2023 Richard Shaw hobbes1069@gmail.com - 4.5.3-1 - Update to 4.5.3. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157219 - hamlib-4.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157219 --------------------------------------------------------------------------------
================================================================================ hwdata-0.366-1.fc36 (FEDORA-2023-382b67affe) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information:
Update pci, usb and vendor ids -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Vitezslav Crhonek vcrhonek@redhat.com - 0.366-1 - Update pci, usb and vendor ids --------------------------------------------------------------------------------
================================================================================ imhex-1.26.0-1.fc36 (FEDORA-2023-364221697f) A hex editor for reverse engineers and programmers -------------------------------------------------------------------------------- Update Information:
update to 1.26.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Jonathan Wright jonathan@almalinux.org - 1.26.0-1 - update to 1.26.0 rhbz#2158207 --------------------------------------------------------------------------------
================================================================================ kernel-6.0.17-200.fc36 (FEDORA-2023-a7c865cb1e) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 6.0.17 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Justin M. Forbes jforbes@fedoraproject.org [6.0.17-0] - Linux v6.0.17 --------------------------------------------------------------------------------
================================================================================ kweather-22.11-2.fc36 (FEDORA-2023-83777994cb) Convergent KDE weather application -------------------------------------------------------------------------------- Update Information:
kweather Fedora 37 rebuild to include runtime dependency Kirigami Addons -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ libfilezilla-0.40.0-1.fc36 (FEDORA-2023-469a4bc0f0) C++ Library for FileZilla -------------------------------------------------------------------------------- Update Information:
Filezilla 3.62.2, libfilezilla 0.40.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 0.40.0-1 - 0.40.0 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.38.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jul 20 2022 Gwyn Ciesla gwync@protonmail.com - 0.38.1-1 - 0.38.1 * Fri Jul 8 2022 Gwyn Ciesla gwync@protonmail.com - 0.38.0-1 - 0.38.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157590 - Update FileZilla to 3.62.2 https://bugzilla.redhat.com/show_bug.cgi?id=2157590 --------------------------------------------------------------------------------
================================================================================ lighttpd-1.4.68-1.fc36 (FEDORA-2023-d815e2e3f5) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information:
https://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1_4_68 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 1.4.68-1 - 1.4.68 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157912 - lighttpd-1.4.68 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157912 --------------------------------------------------------------------------------
================================================================================ mbedtls-2.28.2-1.fc36 (FEDORA-2023-3c4a525dcc) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.28.2 Release notes: https://github.com/Mbed- TLS/mbedtls/releases/tag/v2.28.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 16 2022 Benson Muite benson_muite@emailplus.org - 2.28.2-1 - Update to 2.28.2 - Update URLs -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2155397 - CVE-2022-46392 CVE-2022-46393 mbedtls: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2155397 --------------------------------------------------------------------------------
================================================================================ media-downloader-2.8.0-1.fc36 (FEDORA-2023-db097c27fa) GUI frontend to multiple CLI based downloading programs -------------------------------------------------------------------------------- Update Information:
Update to 2.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Martin Gansser martinkg@fedoraproject.org - 2.8.0-1 - Update to 2.8.0 --------------------------------------------------------------------------------
================================================================================ mozilla-noscript-11.4.14-1.fc36 (FEDORA-2023-a167966a5a) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information:
* Updated HTML event attributes list * Uniformed indexed directory Firefox UI emulation to prevent a script blocking bypass on file:// resources (thanks RyotaK for reporting) * Fixed error being logged in the console on scriptless pages when hitting [Delete] or [Backspace] (thanks barbaz for reporting) * Work- around for background page mysteriously being unloaded sometimes by Firefox * [L10n] Updated Transifex configuration -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Dominik Mierzejewski dominik@greysector.net - 11.4.14-1 - update to 11.4.14 (#2158071) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2158071 - mozilla-noscript-11.4.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2158071 --------------------------------------------------------------------------------
================================================================================ mozilla-privacy-badger-2022.9.27-1.fc36 (FEDORA-2023-7476f7f5ee) Protects your privacy by blocking spying ads and invisible trackers -------------------------------------------------------------------------------- Update Information:
* Improved widget replacement system to better handle embedded YouTube videos * Delayed opening the new user welcome page for a few seconds to work around a Chromium bug with administrator settings (managed storage) * Removed obsolete "Prevent WebRTC from leaking local IP address" setting * Fixed various site breakages * Added Japanese translations * Improved translations (Dutch, Finnish, French, Brazilian Portuguese, Russian, Spanish, Swedish, Turkish, Ukrainian) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Dominik Mierzejewski dominik@greysector.net - 2022.9.27-1 - update to 2022.9.27 (#2130321) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2130321 - mozilla-privacy-badger-2022.9.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=2130321 --------------------------------------------------------------------------------
================================================================================ newsboat-2.30.1-1.fc36 (FEDORA-2023-8b701f4e77) RSS/Atom feed reader for the text console -------------------------------------------------------------------------------- Update Information:
Update to version 2.30.1. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Jan Stan��k jstanek@redhat.com 2.30.1-1 - Update to version 2.30.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156475 - newsboat-2.30.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156475 --------------------------------------------------------------------------------
================================================================================ osbuild-75-1.fc36 (FEDORA-2023-969d72b3a6) A build system for OS images -------------------------------------------------------------------------------- Update Information:
Automatic update for osbuild-75-1.fc36. ##### **Changelog for osbuild** ``` * Wed Jan 04 2023 Packit hello@packit.dev - 75-1 Changes with 75 ---------------- * runners: add Fedora Asahi runner (#1216) * stages/rhsm.facts: create facts file in /etc (#1220) * test/objectstore: use os.stat instead Path.stat (#1217) Contributions from: Achilleas Koutsou, Christian Kellner, Eric Curtin ��� Somewhere on the Internet, 2023-01-04 ``` -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Packit hello@packit.dev - 75-1 Changes with 75 ---------------- * runners: add Fedora Asahi runner (#1216) * stages/rhsm.facts: create facts file in /etc (#1220) * test/objectstore: use os.stat instead Path.stat (#1217)
Contributions from: Achilleas Koutsou, Christian Kellner, Eric Curtin
��� Somewhere on the Internet, 2023-01-04 --------------------------------------------------------------------------------
================================================================================ packit-0.65.2-1.fc36 (FEDORA-2023-59664ad996) A tool for integrating upstream projects with Fedora operating system -------------------------------------------------------------------------------- Update Information:
Automatic update for packit-0.65.2-1.fc36. ##### **Changelog for packit** ``` * Wed Jan 04 2023 Packit hello@packit.dev - 0.65.2-1 - No changes. This is a fixup release for sake of Packit deployment. ``` -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Packit hello@packit.dev - 0.65.2-1 - No changes. This is a fixup release for sake of Packit deployment. --------------------------------------------------------------------------------
================================================================================ php-8.1.14-1.fc36 (FEDORA-2023-2dc2d607ba) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 8.1.14** (05 Jan 2023) **Core:** * Fixed bug [GH-9905](https://github.com/php/php-src/issues/9905) (constant() behaves inconsistent when class is undefined). (cmb) * Fixed bug [GH-9918](https://github.com/php/php-src/issues/9918) (License information for xxHash is not included in README.REDIST.BINS file). (Akama Hitoshi) * Fixed bug [GH-9650](https://github.com/php/php-src/issues/9650) (Can't initialize heap: [0x000001e7]). (Michael Vo������ek) * Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb) **Date:** * Fixed bug [GH-9699](https://github.com/php/php-src/issues/9699) (DateTimeImmutable::diff differences in 8.1.10 onwards - timezone related). (Derick) * Fixed bug [GH-9700](https://github.com/php/php-src/issues/9700) (DateTime::createFromFormat: Parsing TZID string is too greedy). (Derick) * Fixed bug [GH-9866](https://github.com/php/php-src/issues/9866) (Time zone bug with \DateTimeInterface::diff()). (Derick) * Fixed bug [GH-9880](https://github.com/php/php-src/issues/9880) (DateTime diff returns wrong sign on day count when using a timezone). (Derick) **FPM:** * Fixed bug [GH-9959](https://github.com/php/php-src/issues/9959) (Solaris port event mechanism is still broken after bug php#66694). (Petr Sumbera) * Fixed bug php#68207 (Setting fastcgi.error_header can result in a WARNING). (Jakub Zelenka) * Fixed bug [GH-8517](https://github.com/php/php-src/issues/8517) (Random crash of FPM master process in fpm_stdio_child_said). (Jakub Zelenka) **MBString:** * Fixed bug [GH-9535](https://github.com/php/php-src/issues/9535) (The behavior of mb_strcut in mbstring has been changed in PHP8.1). (Nathan Freeman) **Opcache:** * Fixed bug [GH-9968](https://github.com/php/php- src/issues/9968) (Segmentation Fault during OPCache Preload). (Arnaud, michdingpayc) **OpenSSL:** * Fixed bug [GH-9064](https://github.com/php/php- src/issues/9064) (PHP fails to build if openssl was built with --no-ec). (Jakub Zelenka) * Fixed bug [GH-10000](https://github.com/php/php-src/issues/10000) (OpenSSL test failures when OpenSSL compiled with no-dsa). (Jakub Zelenka) **Pcntl:** * Fixed bug [GH-9298](https://github.com/php/php-src/issues/9298) (Signal handler called after rshutdown leads to crash). (Erki Aring) **PDO_Firebird:** * Fixed bug [GH-9971](https://github.com/php/php- src/issues/9971) (Incorrect NUMERIC value returned from PDO_Firebird). (cmb) **PDO/SQLite:** * Fixed bug php#81740 (PDO::quote() may return unquoted string). (**CVE-2022-31631**) (cmb) **Session:** * Fixed [GH-9932](https://github.com/php/php-src/issues/9932) (session name silently fails with . and [). (David Carlier) **SPL:** * Fixed [GH-9883](https://github.com/php/php-src/issues/9883) (SplFileObject::__toString() reads next line). (Girgias) * Fixed [GH-10011](https://github.com/php/php-src/issues/10011) (Trampoline autoloader will get reregistered and cannot be unregistered). (Girgias) **SQLite3:** * Fixed bug php#81742 (open_basedir bypass in SQLite3 by using file URI). (cmb) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Remi Collet remi@remirepo.net - 8.1.14-1 - Update to 8.1.14 - http://www.php.net/releases/8_1_14.php --------------------------------------------------------------------------------
================================================================================ powdertoy-97.0.352-1.fc36 (FEDORA-2023-b1d4536303) Physics sandbox game -------------------------------------------------------------------------------- Update Information:
Update to v97.0.352 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Artur Frenszek-Iwicki fedora@svgames.pl - 97.0.352-1 - Update to v97.0.352 - Drop Patch0 (no longer needed, changes now done via config values) - Install icons for the savefile mimetype as well - Use a patch for renaming files instead of relying on sed -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156781 - powdertoy-97.0.351b is available https://bugzilla.redhat.com/show_bug.cgi?id=2156781 --------------------------------------------------------------------------------
================================================================================ pypy3.9-7.3.11-1.3.9.fc36 (FEDORA-2023-097dd40685) Python 3.9 implementation with a Just-In-Time compiler -------------------------------------------------------------------------------- Update Information:
Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html Security fix for CVE-2022-37454, CVE-2022-45061, CVE-2022-42919. -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 30 2022 Miro Hron��ok mhroncok@redhat.com - 7.3.11-1.3.9 - Update to 7.3.11 - Fixes: rhbz#2147520 * Fri Dec 2 2022 Miro Hron��ok mhroncok@redhat.com - 7.3.9-5.3.9 - On Fedora 37+, obsolete the pypy3.7 package which is no longer available -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2138705 - CVE-2022-42919 python: local privilege escalation via the multiprocessing forkserver start method https://bugzilla.redhat.com/show_bug.cgi?id=2138705 [ 2 ] Bug #2140200 - CVE-2022-37454 XKCP: buffer overflow in the SHA-3 reference implementation https://bugzilla.redhat.com/show_bug.cgi?id=2140200 [ 3 ] Bug #2144072 - CVE-2022-45061 Python: CPU denial of service via inefficient IDNA decoder https://bugzilla.redhat.com/show_bug.cgi?id=2144072 --------------------------------------------------------------------------------
================================================================================ python-identify-2.5.12-1.fc36 (FEDORA-2023-0901c466fd) File identification library for Python -------------------------------------------------------------------------------- Update Information:
2.5.12 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 2.5.12-1 - 2.5.12 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157981 - python-identify-2.5.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157981 --------------------------------------------------------------------------------
================================================================================ python-whois-0.9.21-1.fc36 (FEDORA-2023-1a3a9d914e) Python module for retrieving WHOIS information of domains -------------------------------------------------------------------------------- Update Information:
Update to v0.9.21 ---- Update to v0.9.20 ---- Update to v0.9.19 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Artur Frenszek-Iwicki fedora@svgames.pl - 0.9.21-1 - Update to v0.9.21 * Sun Jan 1 2023 Artur Frenszek-Iwicki fedora@svgames.pl - 0.9.20-1 - Update to v0.9.20 * Tue Dec 27 2022 Artur Frenszek-Iwicki fedora@svgames.pl - 0.9.19-1 - Update to v0.9.19 - Switch to using GitHub tarballs (PyPi sources do not contain tests) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2158205 - python-whois-0.9.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=2158205 --------------------------------------------------------------------------------
================================================================================ stellarium-1.2-1.fc36 (FEDORA-2023-77e2a36ccb) Photo-realistic nightsky renderer -------------------------------------------------------------------------------- Update Information:
1.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Gwyn Ciesla gwync@protonmail.com - 1.2-1 - 1.2 * Wed Nov 30 2022 Gwyn Ciesla gwync@protonmail.com - 1.1-3 - QT6 rebuild. * Mon Nov 28 2022 Gwyn Ciesla gwync@protonmail.com - 1.1-2 - QT6 rebuild. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156415 - stellarium-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156415 --------------------------------------------------------------------------------
================================================================================ timeline-2.8.0-1.fc36 (FEDORA-2023-6f5d7b0565) Displays and navigates events on a timeline -------------------------------------------------------------------------------- Update Information:
2.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 2.8.0-1 - 2.8.0 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 2.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2157288 - timeline-2.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2157288 --------------------------------------------------------------------------------
================================================================================ tokodon-23.01.0-2.fc36 (FEDORA-2023-e06cc20b58) Kirigami-based mastodon client -------------------------------------------------------------------------------- Update Information:
Fedora 36 rebuild for runtime dependency kirigami addons addition ---- Tokodon 23.01.0 Update for Fedora 36 ---- Tokodon 22.11.2 Update for F36 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 2 2023 Justin Zobel justin@1707.io - 23.01.0-1 - Update to 23.01.0 * Thu Dec 22 2022 Marcus M��ller marcus@hostalia.de - 22.11.2-1 - Update to 22.11.2 - Fixes RHBZ #2154524 --------------------------------------------------------------------------------
================================================================================ tuxpaint-0.9.28-4.fc36 (FEDORA-2023-89cd8cf470) Drawing program designed for young children -------------------------------------------------------------------------------- Update Information:
Patch for fill tool crash. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 1:0.9.28-4 - Patch for fill tool crash. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156118 - A Crash bug with brush fill tool https://bugzilla.redhat.com/show_bug.cgi?id=2156118 --------------------------------------------------------------------------------
================================================================================ ufdbGuard-1.35.4-1.fc36 (FEDORA-2023-f74086efcd) A URL filter for squid -------------------------------------------------------------------------------- Update Information:
1.35.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla gwync@protonmail.com - 1.35.4-1 - 1.35.4 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 1.35.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156764 - ufdbGuard-1.35.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156764 --------------------------------------------------------------------------------
================================================================================ wabt-1.0.32-1.fc36 (FEDORA-2023-8ddb70540a) The WebAssembly Binary Toolkit -------------------------------------------------------------------------------- Update Information:
* Implement Relaxed SIMD proposal * Fix: Base 64 output is incorrect -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 3 2023 Dominik Mierzejewski dominik@greysector.net 1.0.32-1 - update to 1.0.32 (#2156897) - skip one new failing test on aarch64, ppc64le and s390x for now -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156897 - wabt-1.0.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156897 --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org