The following Fedora 36 Security updates need testing:
Age URL
20
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6d2b6ad1a6
golang-1.18.9-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce7369b9ec
GitPython-3.1.30-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d
perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c8a60f6f80 qemu-6.2.0-17.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-11256597a8
mingw-binutils-2.37-6.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-78b4ce2f23
pypy3.8-7.3.11-1.3.8.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-5c6f32db6f
yarnpkg-1.22.19-2.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-d4085a681f cacti-1.2.23-1.fc36
cacti-spine-1.2.23-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-3c4a525dcc
mbedtls-2.28.2-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-097dd40685
pypy3.9-7.3.11-1.3.9.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-2dc2d607ba php-8.1.14-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
53
https://bodhi.fedoraproject.org/updates/FEDORA-2022-beaae40a8f
python-rpmautospec-0.3.1-1.fc36
50
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ca291a78cf glibc-2.35-21.fc36
28
https://bodhi.fedoraproject.org/updates/FEDORA-2022-df7e4caec9
gnome-shell-42.7-1.fc36 mutter-42.7-1.fc36
16
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050 gdb-12.1-3.fc36
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6c29072a3
thunderbird-102.6.0-2.fc36
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7408b527a
libksba-1.6.3-1.fc36
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a77cf04a0
libretls-3.7.0-1.fc36 netcat-1.219-2.fc36 rpki-client-8.2-3.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e37f239f2e emacs-28.2-1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-319963375c
edk2-20221117gitfff6d81270b5-9.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-0f7d9581f0 bash-5.2.15-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c8a60f6f80 qemu-6.2.0-17.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-245bb1cb57
whois-5.5.15-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4095af1560
libpcap-1.10.2-1.fc36 tcpdump-4.99.2-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d
perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-a7c865cb1e
kernel-6.0.17-200.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-d482999900
coreutils-9.0-9.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-382b67affe
hwdata-0.366-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
ardour7-7.2.0-1.fc36
btrfs-progs-6.1.2-1.fc36
butane-0.17.0-1.fc36
cpufetch-1.03-1.fc36
cyrus-imapd-3.6.0-1.fc36
electrum-4.3.3-1.fc36
firewalld-1.2.3-1.fc36
gerbera-1.12.1-1.fc36
gh-2.21.2-1.fc36
google-api-python-client-2.71.0-1.fc36
gtest-1.12.1-2.fc36
gucharmap-15.0.2-2.fc36
legendary-0.20.32-1.fc36
mock-core-configs-37.9-1.fc36
perl-Syntax-Keyword-Match-0.10-1.fc36
python-beautifulsoup4-4.11.1-1.fc36
python-dbusmock-0.28.7-1.fc36
python-glad2-2.0.3-1.fc36
python-hatchling-1.12.2-1.fc36
python-sqlalchemy-1.4.46-1.fc36
python2.7-2.7.18-23.fc36
supertuxkart-1.4-5.fc36
waf-2.0.25-1.fc36
Details about builds:
================================================================================
ardour7-7.2.0-1.fc36 (FEDORA-2023-5930f3dbb3)
Digital Audio Workstation
--------------------------------------------------------------------------------
Update Information:
This is an upstream bugfix and enhancement release. See the [release
notes](https://ardour.org/whatsnew.html) contains a detailed list of changes in
version 7.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Nils Philippsen <nils(a)tiptoe.de> 7.2.0-1
- Version 7.2.0
--------------------------------------------------------------------------------
================================================================================
btrfs-progs-6.1.2-1.fc36 (FEDORA-2023-fcfcd41adf)
Userspace programs for btrfs
--------------------------------------------------------------------------------
Update Information:
Update to revert breakage for consumers of libbtrfs headers and include merged
fix for `btrfs subvolume list -u`.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Neal Gompa <ngompa(a)fedoraproject.org> - 6.1.2-1
- Update to 6.1.2
* Tue Jan 3 2023 Neal Gompa <ngompa(a)fedoraproject.org> - 6.1.1-1
- Update to 6.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2157606 - update btrfs-progs to 6.1 breaks some builds
https://bugzilla.redhat.com/show_bug.cgi?id=2157606
[ 2 ] Bug #2157967 - btrfs-progs-6.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2157967
[ 3 ] Bug #2158618 - btrfs-progs-6.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2158618
--------------------------------------------------------------------------------
================================================================================
butane-0.17.0-1.fc36 (FEDORA-2023-8f86803f59)
Butane config transpiler
--------------------------------------------------------------------------------
Update Information:
New upstream release; see [release
notes](https://github.com/coreos/butane/blob/main/docs/release-
notes.md#butane-0170-2023-01-04)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Sohan Kunkerkar <skunkerk(a)redhat.com> - 0.17.0-1
- New release
--------------------------------------------------------------------------------
================================================================================
cpufetch-1.03-1.fc36 (FEDORA-2023-95a307ad01)
Simple tool for determining CPU architecture
--------------------------------------------------------------------------------
Update Information:
Update to v1.03
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 1.03-1
- Update to v1.03
- Add a patch to fix build failures on PowerPC
- Migrate License tag to SPDX
--------------------------------------------------------------------------------
================================================================================
cyrus-imapd-3.6.0-1.fc36 (FEDORA-2023-ab3de29a47)
A high-performance email, contacts and calendar server
--------------------------------------------------------------------------------
Update Information:
- New version 3.6.0 (rhbz#2134350) - Add source code signature verification
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Martin Osvald <mosvald(a)redhat.com> - 3.6.0-1
- New version 3.6.0 (rhbz#2134350)
- Add source code signature verification
* Sat Dec 31 2022 Pete Walter <pwalter(a)fedoraproject.org> - 3.4.4-4
- Rebuild for ICU 72
* Fri Sep 9 2022 Martin Osvald <mosvald(a)redhat.com> - 3.4.4-3
- Require mariadb-connector-c-devel instead of mariadb-devel (rhbz#2116360)
- Drop tzdist module. Clients must use OS provided timezone info
- Drop cyrus-timezones and use system-wide tzdata (rhbz#2116362)
* Mon Aug 1 2022 Frantisek Zatloukal <fzatlouk(a)redhat.com> - 3.4.4-2
- Rebuilt for ICU 71.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2134350 - cyrus-imapd-3.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2134350
--------------------------------------------------------------------------------
================================================================================
electrum-4.3.3-1.fc36 (FEDORA-2023-0a6ad7a42f)
A lightweight Bitcoin Client
--------------------------------------------------------------------------------
Update Information:
Updated to 4.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Vitaly Zaitsev <vitaly(a)easycoding.org> - 4.3.3-1
- Updated to version 4.3.3.
--------------------------------------------------------------------------------
================================================================================
firewalld-1.2.3-1.fc36 (FEDORA-2023-7a86ae37b2)
A firewall daemon with D-Bus interface providing a dynamic firewall
--------------------------------------------------------------------------------
Update Information:
rebase package to v1.2.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Eric Garver <eric(a)garver.life> - 1.2.3-1
- rebase package to v1.2.3
--------------------------------------------------------------------------------
================================================================================
gerbera-1.12.1-1.fc36 (FEDORA-2023-c1d2c456f4)
UPnP Media Server
--------------------------------------------------------------------------------
Update Information:
1.12.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 1.12.1-1
- 1.12.1
* Fri Dec 16 2022 Franti��ek Zatloukal <fzatlouk(a)redhat.com> - 1.12.0-2
- Rebuilt for duktape 2.7.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2158293 - gerbera-1.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2158293
--------------------------------------------------------------------------------
================================================================================
gh-2.21.2-1.fc36 (FEDORA-2023-aa07bae96f)
GitHub���s official command line tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.21.2 ---- Update to 2.21.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> 2.21.2-1
- Update to 2.21.2 - Closes rhbz#2158295
* Sat Dec 24 2022 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> 2.21.1-2
- Update to 2.21.1 - Closes rhbz#2156132
* Sat Dec 24 2022 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> 2.21.1-1
- Update to 2.21.1 - Closes rhbz#2156132
--------------------------------------------------------------------------------
================================================================================
google-api-python-client-2.71.0-1.fc36 (FEDORA-2023-fb5323ac8c)
Google APIs Client Library for Python
--------------------------------------------------------------------------------
Update Information:
Update to 2.71.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> 2:2.71.0-1
- Update to 2.71.0 - Closes rhbz#2158313
--------------------------------------------------------------------------------
================================================================================
gtest-1.12.1-2.fc36 (FEDORA-2023-8ae6a54981)
Google C++ testing framework
--------------------------------------------------------------------------------
Update Information:
Update to gtest 1.12.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.12.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jul 9 2022 Terje Rosten <terje.rosten(a)ntnu.no> - 1.12.1-1
- 1.12.1
* Mon Jun 27 2022 Terje Rosten <terje.rosten(a)ntnu.no> - 1.12.0-1
- 1.12.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2158006 - Request for update to 1.12.1 in Fedora 36
https://bugzilla.redhat.com/show_bug.cgi?id=2158006
--------------------------------------------------------------------------------
================================================================================
gucharmap-15.0.2-2.fc36 (FEDORA-2023-f6240fd8d3)
Unicode character picker and font browser
--------------------------------------------------------------------------------
Update Information:
Enable documentation
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Yaakov Selkowitz <yselkowi(a)redhat.com> - 15.0.2-2
- Enable docs
--------------------------------------------------------------------------------
================================================================================
legendary-0.20.32-1.fc36 (FEDORA-2023-91972cd036)
Free and open-source replacement for the Epic Games Launcher
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Artem Polishchuk <ego.cordatus(a)gmail.com> 0.20.32-1
- chore: Update to 0.20.32
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-37.9-1.fc36 (FEDORA-2023-f1d98ac015)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
- missmatching gpg key and rpms in openEuler 20.03 LTS (pkwarcraft(a)gmail.com) -
drop unneccessary module docs from configuration files (nkadel(a)gmail.com)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Pavel Raiskup <praiskup(a)redhat.com> 37.9-1
- missmatching gpg key and rpms in openEuler 20.03 LTS (pkwarcraft(a)gmail.com)
- drop unneccessary module docs from configuration files (nkadel(a)gmail.com)
--------------------------------------------------------------------------------
================================================================================
perl-Syntax-Keyword-Match-0.10-1.fc36 (FEDORA-2023-ba702d2eaa)
Match/case syntax for Perl
--------------------------------------------------------------------------------
Update Information:
This release improves tests and internal code.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Petr Pisar <ppisar(a)redhat.com> - 0.10-1
- 0.10 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2156214 - perl-Syntax-Keyword-Match-0.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2156214
--------------------------------------------------------------------------------
================================================================================
python-beautifulsoup4-4.11.1-1.fc36 (FEDORA-2023-35dfbf0261)
HTML/XML parser for quick-turnaround applications like screen-scraping
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release beautifulsoup4 4.11.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Major Hayden <major(a)redhat.com> - 4.11.1-1
- Update to 4.11.1
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.11.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 4.11.0-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
================================================================================
python-dbusmock-0.28.7-1.fc36 (FEDORA-2023-ebb8196143)
Mock D-Bus objects
--------------------------------------------------------------------------------
Update Information:
Automatic update for python-dbusmock-0.28.7-1.fc36.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Packit <hello(a)packit.dev> - 0.28.7-1
<!-- generated by eloquent/github-release-action -->
<!-- original source:
- blue5-obex template: Fix OBEX PullAll (thanks Jan Alexander Steffens)
- power_profiles template: Fix Actions property type (thanks Jonas ��dahl)
- README: Explain container tests and how to debug them
-->
<ul>
<li>blue5-obex template: Fix OBEX PullAll (thanks Jan Alexander
Steffens)</li>
<li>power_profiles template: Fix Actions property type (thanks Jonas
��dahl)</li>
<li>README: Explain container tests and how to debug them</li>
</ul>
--------------------------------------------------------------------------------
================================================================================
python-glad2-2.0.3-1.fc36 (FEDORA-2023-8ea5c45e4d)
Multi-Language GL/GLES/EGL/GLX/WGL Loader-Generator
--------------------------------------------------------------------------------
Update Information:
Update to latest version (#2157949)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> 2.0.3-1
- Update to latest version (#2157949)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2157949 - python-glad2-2.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2157949
--------------------------------------------------------------------------------
================================================================================
python-hatchling-1.12.2-1.fc36 (FEDORA-2023-1beb916658)
The build backend used by Hatch
--------------------------------------------------------------------------------
Update Information:
Upgrade python-hatchling to 1.12.2. ##
[
1.12.2](https://github.com/pypa/hatch/releases/tag/hatchling-v1.12.2) -
2023-01-05 ***Fixed:*** - Add `macos-max-compat` option to the `wheel` target
that is enabled by default to support the latest version 22.0 of the `packaging`
library ##
[
1.12.1](https://github.com/pypa/hatch/releases/tag/hatchling-v1.12.1) -
2022-12-31 ***Fixed:*** - Fix minor regression in the PEP 517/660 function
signatures that was discovered by Fedora ##
[
1.12.0](https://github.com/pypa/hatch/releases/tag/hatchling-v1.12.0) -
2022-12-30 ***Added:*** - Improve readability of exceptions - Add
`extra_metadata` build data to the `wheel` target - Retroactively support
`License-Expression` core metadata starting at version 2.1 - Add more type hints
- Update the set of known trove classifiers to version 2022.12.22 - Update SPDX
license information to version 3.19 - Store Hatchling's metadata in
`pyproject.toml` ***Fixed:*** - Acknowledge the `ARCHFLAGS` environment
variable on macOS for the `wheel` target when build hooks set the `infer_tag`
build data to `true` - Fix dependency checking when encountering broken
distributions - Remove unnecessary encoding declaration in the default template
for the `version` build hook
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> 1.12.2-1
- Update to 1.12.2 (close RHBZ#2158329)
* Sat Dec 31 2022 Benjamin A. Beasley <code(a)musicinmybrain.net> 1.12.1-1
- Update to 1.12.1 (close RHBZ#2157116)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2157116 - python-hatchling-1.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2157116
[ 2 ] Bug #2158329 - python-hatchling-1.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2158329
--------------------------------------------------------------------------------
================================================================================
python-sqlalchemy-1.4.46-1.fc36 (FEDORA-2023-d54fffc401)
Modular and flexible ORM library for Python
--------------------------------------------------------------------------------
Update Information:
This is a bugfix and enhancement release. The upstream [announcement](https://w
ww.sqlalchemy.org/blog/2023/01/03/sqlalchemy-1.4.46-released/) summarizes and
the [
changelog](https://docs.sqlalchemy.org/en/20/changelog/changelog_14.html#ch
ange-1.4.46) contains a detailed list of changes in version 1.4.46.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Nils Philippsen <nils(a)tiptoe.de> 1.4.46-1
- Version 1.4.46
--------------------------------------------------------------------------------
================================================================================
python2.7-2.7.18-23.fc36 (FEDORA-2023-f1381c83af)
Version 2.7 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA
decoder
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2022 Charalampos Stratakis <cstratak(a)redhat.com> - 2.7.18-23
- Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA decoder
Related: rhbz#2144072
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2144418 - CVE-2022-45061 python2.7: Python: CPU denial of service via
inefficient IDNA decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2144418
--------------------------------------------------------------------------------
================================================================================
supertuxkart-1.4-5.fc36 (FEDORA-2023-322ef3b249)
Kids 3D go-kart racing game featuring Tux
--------------------------------------------------------------------------------
Update Information:
Patch for crash.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 4 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 1.4.5
- Patch for
https://github.com/supertuxkart/stk-code/issues/4834
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2144296 - Super Tux Kart core dumps on battle mode when using "too
many" players
https://bugzilla.redhat.com/show_bug.cgi?id=2144296
--------------------------------------------------------------------------------
================================================================================
waf-2.0.25-1.fc36 (FEDORA-2023-16c4601aad)
A Python-based build system
--------------------------------------------------------------------------------
Update Information:
### WAF 2.0.25 ### * Fix invalid characters returned by find_program #2397 *
Prepare for distutils removal (Python 3.12 regression) #2402 * Improve cp65001
compat in cpython < 3.3 #2346 * Add Fujitsu Fortran compiler detection on
ARM64FX #2348 * Support multiple Sphinx output formats #2344 * Improve PyQt5
detection #2343 * Add asynchronous wafcache uploads
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 5 2023 Thomas Moschny <thomas.moschny(a)gmx.de> - 2.0.25-1
- Update to 2.0.25.
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.24-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 2.0.24-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------