Fedora 35 updates-testing report - test-reports - Fedora mailing-lists

27 Aug 2022


      The following Fedora 35 Security updates need testing:
 Age  URL
 204  https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9   libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35
 196  https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11   mysql-connector-java-8.0.28-1.fc35
  29  https://bodhi.fedoraproject.org/updates/FEDORA-2022-d7f95e65dd   booth-1.0-251.3.bfb2f92.git.fc35
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2022-15da0cf165   rsync-3.2.5-1.fc35
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2022-d9f1bb102d   OpenImageIO-2.2.21.0-2.fc35 ctk-0.1-0.24.20190721.fc35 dcmtk-3.6.7-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9   webkit2gtk3-2.36.7-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c   thunderbird-102.2.0-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-3b33d04743   vim-9.0.246-1.fc35
The following Fedora 35 Critical Path updates have yet to be approved:
 Age URL
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2022-bca7996d14   annobin-10.81-1.fc35
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2022-da31238a14   binutils-2.37-24.fc35
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2022-9ddf777fdb   libbluray-1.3.2-1.fc35
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2022-4fc68b4137   libkcapi-1.4.0-2.fc35
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2022-8597aa54ec   libdnf-0.68.0-1.fc35
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2022-15da0cf165   rsync-3.2.5-1.fc35
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2022-03eb748e1d   freerdp-2.8.0-1.fc35 gnome-boxes-41.3-2.fc35 gnome-connections-41.2-2.fc35 gnome-remote-desktop-41.3-2.fc35 guacamole-server-1.4.0-6.fc35 hydra-9.2-5.fc35 medusa-2.2-18.20181216git292193b.fc35 pidgin-sipe-1.25.0-14.fc35 vinagre-3.22.0-26.fc35 weston-8.0.0-12.fc35
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2022-4841fbd892   createrepo_c-0.20.1-1.fc35
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2022-2eb835425a   fedora-repos-35-4
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2022-48e82b4eda   dbus-broker-32-1.fc35
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2022-564484bcd4   twolame-0.4.0-1.fc35
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2022-e4bd968e45   libreport-2.17.2-1.fc35
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ad62906a26   shadow-utils-4.9-10.fc35
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a3f9767d1   ndctl-74-1.fc35
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2022-52f71b625b   ethtool-5.19-1.fc35
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2022-19b61cd789   librepo-1.14.4-1.fc35
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2022-781669c384   glibc-2.34-41.fc35
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ada487682a   tzdata-2022c-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-a7c12f917e   kernel-5.19.4-100.fc35 kernel-headers-5.19.4-100.fc35 kernel-tools-5.19.4-100.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-3b33d04743   vim-9.0.246-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c   thunderbird-102.2.0-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddfeee50c9   webkit2gtk3-2.36.7-1.fc35
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2022-3a75635d6a   kde-settings-35.2-1.fc35
The following builds have been pushed to Fedora 35 updates-testing
cinfo-0.4.8-1.fc35
    emacs-dockerfile-mode-1.8-1.fc35
    fts-rest-client-3.12.0-1.fc35
    gnome-shell-extension-just-perfection-21.0-1.fc35
    golang-uber-multierr-1.8.0-1.fc35
    libtar-1.2.20-25.fc35
    osbuild-65-1.fc35
    osbuild-composer-61-1.fc35
    python-cloudscraper-1.2.62-1.fc35
    python-ecdsa-0.18.0-1.fc35
    sameboy-0.15.5-1.fc35
    sssd-2.7.4-1.fc35
    tcpreplay-4.4.2-1.fc35
    texstudio-4.3.1-1.fc35
    tuptime-5.2.1-1.fc35
    yambar-1.8.0-1.fc35
Details about builds:
================================================================================
 cinfo-0.4.8-1.fc35 (FEDORA-2022-39b31f0010)
 Fast and minimal system information tool
--------------------------------------------------------------------------------
Update Information:
initial package build
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 20 2022 Jonathan Wright jonathan@almalinux.org 0.4.8-1
- Initial package build
- rhbz#2120002
--------------------------------------------------------------------------------
================================================================================
 emacs-dockerfile-mode-1.8-1.fc35 (FEDORA-2022-6ca391cf1c)
 An emacs mode for handling Dockerfiles
--------------------------------------------------------------------------------
Update Information:
Fix: remove repeated switch in docstring
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2022 Mohamed El Morabity melmorabity@fedoraproject.org - 1.8-1
- Update to 1.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2117992 - emacs-dockerfile-mode-1.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2117992
--------------------------------------------------------------------------------
================================================================================
 fts-rest-client-3.12.0-1.fc35 (FEDORA-2022-3817cede8e)
 File Transfer Service (FTS) -- Python3 Client and CLI
--------------------------------------------------------------------------------
Update Information:
First release of the FTS REST Client package
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 27 2022 Mihai Patrascoiu mihai.patrascoiu@cern.ch - 3.12.0-1
- First EPEL release (v3.12.0 upstream release)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2111607 - Review Request: fts-rest-client - FTS Python3 clients
        https://bugzilla.redhat.com/show_bug.cgi?id=2111607
--------------------------------------------------------------------------------
================================================================================
 gnome-shell-extension-just-perfection-21.0-1.fc35 (FEDORA-2022-252488152b)
 Extension to Customize GNOME Shell and Disable UI Elements
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 21.  See the [upstream
changelog](https://gitlab.gnome.org/jrahmatzadeh/just-
perfection/-/blob/21.0/CHANGELOG.md) for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 27 2022 Carl George carl@george.computer 21.0-1
- Latest upstream, resolves rhbz#2116039
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 20.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2116039 - gnome-shell-extension-just-perfection-21.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2116039
--------------------------------------------------------------------------------
================================================================================
 golang-uber-multierr-1.8.0-1.fc35 (FEDORA-2022-eae2f4f9f5)
 Combine one or more go errors together
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Anthony Rabbito hello@anthonyrabbito.com 1.8.0-1
- Update to 1.8.0 use generate_buildrequires
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 1.6.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 libtar-1.2.20-25.fc35 (FEDORA-2022-fe1a4e3cf0)
 Tar file manipulation API
--------------------------------------------------------------------------------
Update Information:
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646) -
fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Kamil Dudka kdudka@redhat.com - 1.2.20-25
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.2.20-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 1.2.20-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 osbuild-65-1.fc35 (FEDORA-2022-a03d2ca8a8)
 A build system for OS images
--------------------------------------------------------------------------------
Update Information:
New upstream release: 60   ----  New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Packit hello@packit.dev - 65-1
Changes with 65
----------------
  * Add greenboot configuration management via osbuild (#1086)
  * Add new properties to ostree.remotes stage: gpgkeypath and contenturl (#1097)
  * pipeline: include mounts in stage checksum (#1098)
  * runners: add fedora38 (#1092)
Contributions from: Achilleas Koutsou, Christian Kellner, Ond��ej Budai, Sayan Paul
��� Somewhere on the Internet, 2022-08-26
* Wed Aug 17 2022 Packit hello@packit.dev - 64-1
Changes with 64
----------------
  * Ability to mark installation as `ostree-booted` (#1085)
  * Add org.osbuild.gcp.guest-agent.conf stage (#1080)
  * Check source via `autopep8` (#1083)
  * `stages/gcp.guest-agent.conf`: various small fixes (#1081)
  * osbuild-mpp: Allow use of mpp-* operations for stages (#1084)
  * stages/rpm: allow setting the dbpath (#666)
Contributions from: Alexander Larsson, Christian Kellner, fkolwa
��� Somewhere on the Internet, 2022-08-17
--------------------------------------------------------------------------------
================================================================================
 osbuild-composer-61-1.fc35 (FEDORA-2022-cd28ab27c1)
 An image building service based on osbuild
--------------------------------------------------------------------------------
Update Information:
New upstream release: 61
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Packit hello@packit.dev - 61-1
Changes with 61
----------------
  * Add the `rhsm.facts` stage. (#2909)
  * Disable skipped tests (#2885)
  * Support hybrid boot for edge installers (#2912)
  * worker/osbuild: use `os-release` to determine host OS (#2842)
Contributions from: Achilleas Koutsou, Juan Abia, Simon de Vlieger, Tomas Hozza, Xiaofeng Wang
��� Somewhere on the Internet, 2022-08-26
* Wed Aug 24 2022 Packit hello@packit.dev - 60-1
Changes with 60
----------------
  * Add search command to dnf-json and use it for package searches (#2908)
  * Modify repositories/rhel-xy.json file before testing nightly compose (#2894)
  * Update terraform SHA with more aarch64 runner options (#2907)
  * [GCE images] don't install SDK and turn off GPG check on el9 (#2900)
  * distro/image-installer: remove nvmf dracut module for RHEL-9.1 (#2899)
  * distro: add oscap packages to image (#2898)
  * tests: Add comment to make it more obvious what's happening (#2888)
  * tests: Remove useless JSON file overrides (#2881)
  * update civ (#2796)
Contributions from: Alexander Todorov, Brian C. Lane, Gianluca Zuccarelli, Jakub Rusz, Juan Abia, Tomas Hozza, Xiaofeng Wang
��� Somewhere on the Internet, 2022-08-24
--------------------------------------------------------------------------------
================================================================================
 python-cloudscraper-1.2.62-1.fc35 (FEDORA-2022-4c797a5e49)
 Python module to bypass Cloudflare's anti-bot page
--------------------------------------------------------------------------------
Update Information:
Updating 1.2.62
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 27 2022 Lyes Saadi lyessaadi@fedoraproject.org 1.2.62-1
- Updating to 1.2.62
* Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.2.60-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 1.2.60-3
- Rebuilt for pyparsing-3.0.9
* Tue Jun 14 2022 Python Maint python-maint@redhat.com - 1.2.60-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
================================================================================
 python-ecdsa-0.18.0-1.fc35 (FEDORA-2022-d05684ab29)
 ECDSA cryptographic signature library
--------------------------------------------------------------------------------
Update Information:
update to 0.18.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Jonathan Wright jonathan@almalinux.org - 0.18.0-1
- update to 0.18.0
- rhbz#1873173
* Fri Aug 26 2022 Jonathan Wright jonathan@almalinux.org - 0.17.0-9
- improve performance with gmpy2
* Fri Aug 26 2022 Jonathan Wright jonathan@almalinux.org - 0.17.0-8
- modernize spec file
* Fri Aug 26 2022 Jonathan Wright jonathan@almalinux.org - 0.17.0-7
- remove python2-related code from spec
* Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0.17.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint python-maint@redhat.com - 0.17.0-5
- Rebuilt for Python 3.11
* Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.17.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 sameboy-0.15.5-1.fc35 (FEDORA-2022-a69911a8c9)
 Game Boy and Game Boy Color emulator written in C
--------------------------------------------------------------------------------
Update Information:
Update to 0.15.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 25 2022 Jan Dr��gehoff sentrycraft123@gmail.com - 0.15.5-1
- Update to 0.15.5
--------------------------------------------------------------------------------
================================================================================
 sssd-2.7.4-1.fc35 (FEDORA-2022-3c8a55de8c)
 System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Rebase to sssd-2.7.4. Release notes: https://sssd.io/release-
notes/sssd-2.7.4.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Pavel B��ezina pbrezina@redhat.com - 2.7.4-1
- Rebase to SSSD 2.7.4
--------------------------------------------------------------------------------
================================================================================
 tcpreplay-4.4.2-1.fc35 (FEDORA-2022-680ea95f71)
 Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:
This is Tcpreplay suite 4.4.2  This release contains bug fixes only. What's
changed:  - Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen
in #738 - Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721 - Bug
#717 avoid assertion in get_layer4_v6 by @fklassen in #739 - Bug #718 improved
heap-overflow protection by @fklassen in #740 - Bug #719 better overflow
protection in parse_mpls by @fklassen in #741 - Bug #725 FORCE_ALIGN on arm by
@fklassen in #742 - Bug #729 tcpreplay_edit: disallow both -K and -l options by
@fklassen in #743 - Bug #735 heap-overflow in get_l2len_protocol by @fklassen in
#744 - Bug #745 remove autogen.sh from distribution tarballs by @fklassen in
#747
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 27 2022 Bojan Smojver <bojan@rexursive com> - 4.4.2-1
- bump up to 4.4.2
* Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 4.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2071668 - CVE-2022-27939 tcpreplay: net-analyzer/tcpreplay: multiple vulnerabilities [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2071668
  [ 2 ] Bug #2071669 - CVE-2022-27939 tcpreplay: net-analyzer/tcpreplay: multiple vulnerabilities [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2071669
  [ 3 ] Bug #2071673 - CVE-2022-27940 tcpreplay: net-analyzer/tcpreplay: multiple vulnerabilities [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2071673
  [ 4 ] Bug #2071716 - CVE-2022-27941 tcpreplay: VUL-0: CVE-2022-27941: tcpreplay: tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2071716
  [ 5 ] Bug #2071721 - CVE-2022-27942 tcpreplay: CVE-2022-27942: tcpreplay: tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. [epel-8]
        https://bugzilla.redhat.com/show_bug.cgi?id=2071721
  [ 6 ] Bug #2081861 - CVE-2022-28487 tcpreplay: memory leak in fix_ipv6_checksums() function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2081861
  [ 7 ] Bug #2081862 - CVE-2022-28487 tcpreplay: memory leak in fix_ipv6_checksums() function [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2081862
--------------------------------------------------------------------------------
================================================================================
 texstudio-4.3.1-1.fc35 (FEDORA-2022-36c0a22548)
 A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:
- update to 4.3.1 - https://raw.githubusercontent.com/texstudio-
org/texstudio/master/utilities/manual/CHANGELOG.txt
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Johannes Lips hannes@fedoraproject.org 4.3.1-1
- Update to latest upstream release 4.3.1
--------------------------------------------------------------------------------
================================================================================
 tuptime-5.2.1-1.fc35 (FEDORA-2022-412a293fa6)
 Report historical system real time
--------------------------------------------------------------------------------
Update Information:
New upstream release  ----  New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 27 2022 Frank Crawford frank@crawford.emu.id.au - 5.2.1-1
- New upstream release
* Sat Aug 20 2022 Frank Crawford frank@crawford.emu.id.au - 5.2.0-1
- New upstream release
- Rename systemd unit files from tuptime-cron to tuptime-sync
* Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 5.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 yambar-1.8.0-1.fc35 (FEDORA-2022-f2c240a532)
 Modular status panel for X11 and Wayland
--------------------------------------------------------------------------------
Update Information:
Initial import (#2051066)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 26 2022 Aleksei Bavshin alebastr@fedoraproject.org - 1.8.0-1
- Initial import (#2051066)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2051066 - Review Request: yambar - Modular status panel for X11 and Wayland
        https://bugzilla.redhat.com/show_bug.cgi?id=2051066
--------------------------------------------------------------------------------