Fedora 36 updates-testing report - test-reports - Fedora mailing-lists

27 Apr 2023


      The following Fedora 36 Security updates need testing:
 Age  URL
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2023-de10e674ae   libpcap-1.10.4-1.fc36 tcpdump-4.99.4-1.fc36
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2023-6c3278c87b   thunderbird-102.10.0-1.fc36
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2023-9992b32c1f   python-setuptools-59.6.0-4.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-8b0938312e   libsignal-protocol-c-2.3.3-7.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-b37722768e   rust-askama-0.11.1-4.fc36 rust-askama_shared-0.12.2-4.fc36 rust-comrak-0.18.0-1.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-8900b35c6f   webkit2gtk3-2.40.1-1.fc36
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2023-88c4b55c32   apptainer-1.1.8-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
 Age URL
 128  https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050   gdb-12.1-3.fc36
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2023-ddcb7e8a30   annobin-12.02-1.fc36
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2023-de10e674ae   libpcap-1.10.4-1.fc36 tcpdump-4.99.4-1.fc36
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2023-86dff4f7d6   firewalld-1.2.5-1.fc36
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2023-9992b32c1f   python-setuptools-59.6.0-4.fc36
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2023-6c3278c87b   thunderbird-102.10.0-1.fc36
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2023-fb80a4fff2   pyproject-rpm-macros-1.7.0-1.fc36
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2023-af1aaae396   mariadb-connector-c-3.3.4-2.fc36
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2023-72ef70f677   fedora-appstream-metadata-20230419-1.fc36
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2023-460849706f   linux-firmware-20230404-149.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-8900b35c6f   webkit2gtk3-2.40.1-1.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-1e8b5040e2   evolution-3.44.4-3.fc36
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2023-0355ccf850   pipewire-0.3.70-1.fc36
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2023-9c568e54e3   libmediainfo-23.03-2.fc36 libzen-0.4.41-1.fc36 mediainfo-23.03-2.fc36
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2023-1c19398137   389-ds-base-2.1.8-1.fc36
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2023-84cd7e9664   vim-9.0.1486-1.fc36
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2023-fe709e5968   bind-9.16.40-1.fc36 bind-dyndb-ldap-11.9-23.fc36
The following builds have been pushed to Fedora 36 updates-testing
distribution-gpg-keys-1.87-1.fc36
    git-2.40.1-1.fc36
    ladspa-autotalent-plugins-0.2-39.fc36
    nqp-2023.04-1.fc36
    pspg-5.7.6-1.fc36
    python-awscrt-0.16.16-1.fc36
    python-identify-2.5.23-1.fc36
    python-llvmlite-0.39.1-8.fc36
    python-pynamodb-5.5.0-1.fc36
    python-pyphi-1.2.1-17.fc36
    scitokens-cpp-1.0.1-1.fc36
    x86-simd-sort-1.0-2.fc36
    xfce4-whiskermenu-plugin-2.7.3-1.fc36
Details about builds:
================================================================================
 distribution-gpg-keys-1.87-1.fc36 (FEDORA-2023-315f8a5ff1)
 GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
- update copr keys - update virtualbox key - update openSUSE-Backports key -
update skype key
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Miroslav Such�� msuchy@redhat.com 1.87-1
- update copr keys
- update virtualbox key
- update openSUSE-Backports key
- update skype key
* Wed Apr  5 2023 Miroslav Such�� msuchy@redhat.com 1.86-1
- update copr keys
- Add Jenkins 2023
- Add keys for Bacula & Baculum
- Add keys for Google Cloud
- Add VeraCrypt keys
- add Element keys
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2188684 - contains expired RPM-GPG-KEY-openSUSE-Backports key
        https://bugzilla.redhat.com/show_bug.cgi?id=2188684
--------------------------------------------------------------------------------
================================================================================
 git-2.40.1-1.fc36 (FEDORA-2023-003e7d2867)
 Fast Version Control System
--------------------------------------------------------------------------------
Update Information:
update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007)  Refer to the
release notes for 2.30.9 for details of each CVE as well as the following
security advisories from the git project:
https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
(CVE-2023-25652)
https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844
(CVE-2023-29007)      (At this time there is no upstream advisory for
CVE-2023-25815.  This issue does not affect the Fedora packages as we do not use
the runtime prefix support.)      Release notes:
https://github.com/git/git/raw/v2.30.9/Documentation/RelNotes/2.30.9.txt
https://github.com/git/git/raw/v2.40.1/Documentation/RelNotes/2.40.1.txt
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 25 2023 Todd Zullinger tmz@pobox.com - 2.40.1-1
- update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2188333 - CVE-2023-25652 git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
        https://bugzilla.redhat.com/show_bug.cgi?id=2188333
  [ 2 ] Bug #2188338 - CVE-2023-29007 git: arbitrary configuration injection when renaming or deleting a section from a configuration file
        https://bugzilla.redhat.com/show_bug.cgi?id=2188338
--------------------------------------------------------------------------------
================================================================================
 ladspa-autotalent-plugins-0.2-39.fc36 (FEDORA-2023-e94b5d1ae1)
 A pitch-correcting LADSPA plugin
--------------------------------------------------------------------------------
Update Information:
Drop the PDF reference card, convert License to SPDX, and tidy up packaging
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-39
- Record that the obsolete FSF postal address was reported upstream
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-38
- Stop unnecessarily globbing in the files list
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-37
- Remove unnecessary include-path patching
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-36
- Update URLs and summary
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-35
- Use RPM make macros and improve handling of build flags
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-34
- Update License to SPDX
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-33
- Drop the PDF reference card due to license issues
- Add an explanatory spec-file comment.
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.2-32
- Improve spec-file formatting
* Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 0.2-27
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.2-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
 nqp-2023.04-1.fc36 (FEDORA-2023-3ddd2d881a)
 Perl 6 compiler implementation that runs on MoarVM
--------------------------------------------------------------------------------
Update Information:
Update to 2023.04
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 topazus topazus@outlook.com - 2023.04-1
- Update to 2023.04
--------------------------------------------------------------------------------
================================================================================
 pspg-5.7.6-1.fc36 (FEDORA-2023-5ae0106f32)
 A unix pager optimized for psql
--------------------------------------------------------------------------------
Update Information:
new upstream release, per release notes:
https://github.com/okbob/pspg/releases/tag/5.7.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Pavel Raiskup praiskup@redhat.com - 5.7.6-1
- new upstream release, per release notes:
  https://github.com/okbob/pspg/releases/tag/5.7.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2188410 - pspg-5.7.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2188410
--------------------------------------------------------------------------------
================================================================================
 python-awscrt-0.16.16-1.fc36 (FEDORA-2023-83019c3872)
 Python bindings for the AWS Common Runtime
--------------------------------------------------------------------------------
Update Information:
https://github.com/awslabs/aws-crt-python/compare/v0.16.13...v0.16.16
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Nikola Forr�� nforro@redhat.com - 0.16.16-1
- New upstream release 0.16.16
--------------------------------------------------------------------------------
================================================================================
 python-identify-2.5.23-1.fc36 (FEDORA-2023-92e8bcad73)
 File identification library for Python
--------------------------------------------------------------------------------
Update Information:
2.5.23
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Gwyn Ciesla gwync@protonmail.com - 2.5.23-1
- 2.5.23
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2189706 - python-identify-2.5.23 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2189706
--------------------------------------------------------------------------------
================================================================================
 python-llvmlite-0.39.1-8.fc36 (FEDORA-2023-3d2e2fb8c4)
 Lightweight LLVM Python binding for writing JIT compilers
--------------------------------------------------------------------------------
Update Information:
Replace downstream patch with backported upstream commit
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.39.1-8
- Don���t assume %_smp_mflags is -j%_smp_build_ncpus
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.39.1-7
- Simplify test-suite invocation
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.39.1-6
- Drop unnecessary manual BR on pyproject-rpm-macros
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.39.1-5
- Replace a downstream patch with a backported upstream commit
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 0.39.1-4
- Add public-domain text link in license breakdown
--------------------------------------------------------------------------------
================================================================================
 python-pynamodb-5.5.0-1.fc36 (FEDORA-2023-ddaf8b482e)
 A pythonic interface to Amazon���s DynamoDB
--------------------------------------------------------------------------------
Update Information:
v5.5.0 ----------  - `pynamodb.models.Model.save`,
`pynamodb.models.Model.update`, `pynamodb.models.Model.delete_item`,   and
`pynamodb.models.Model.delete` now accept a `add_version_condition` parameter.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 5.5.0-1
- Update to 5.5.0 (close RHBZ#2189719)
* Wed Apr 26 2023 Benjamin A. Beasley code@musicinmybrain.net - 5.4.1-2
- Don���t assume %_smp_mflags is -j%_smp_build_ncpus
--------------------------------------------------------------------------------
================================================================================
 python-pyphi-1.2.1-17.fc36 (FEDORA-2023-c274e831c1)
 A toolbox for integrated information theory
--------------------------------------------------------------------------------
Update Information:
Convert License to SPDX; build documentation as PDF; other minor packaging
improvements
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-17
- Update summary and description from upstream
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-16
- Build documentation as PDF instead of HTML
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-15
- Slightlier tidier shebang stripping
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-14
- Use generated BR���s for tests
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-13
- Apply sphinx-contrib-napolean with a patch rather than a sed invocation
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-12
- Simplify patch application
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-11
- Drop forge macros, which are not doing much for us
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-10
- Convert to SPDX and remove bundled bits
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-9
- Add RHBZ link for s390x failures
* Tue Apr 25 2023 Benjamin A. Beasley code@musicinmybrain.net - 1.2.1-8
- Build on all arches to ensure we detect arch-dependent test failures
* Fri Jan 20 2023 Fedora Release Engineering releng@fedoraproject.org - 1.2.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.2.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 20 2022 Python Maint python-maint@redhat.com - 1.2.1-4
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
================================================================================
 scitokens-cpp-1.0.1-1.fc36 (FEDORA-2023-eec18b74d6)
 C++ Implementation of the SciTokens Library
--------------------------------------------------------------------------------
Update Information:
Fix bug in generate acls which would cause a timeout
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Derek Weitzel dweitzel@unl.edu - 1.0.1-1
- Fix bug in generate acls which would cause a timeout
--------------------------------------------------------------------------------
================================================================================
 x86-simd-sort-1.0-2.fc36 (FEDORA-2023-a58a1ef7e3)
 C++ header file library for high performance SIMD based sorting algorithms
--------------------------------------------------------------------------------
Update Information:
1st release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Ali Erdinc Koroglu aekoroglu@linux.intel.com - 1.0-2
- dependency fix
* Wed Apr 26 2023 Ali Erdinc Koroglu aekoroglu@linux.intel.com - 1.0-1
- 1st release
--------------------------------------------------------------------------------
================================================================================
 xfce4-whiskermenu-plugin-2.7.3-1.fc36 (FEDORA-2023-c62fec34ed)
 An alternate application launcher for Xfce
--------------------------------------------------------------------------------
Update Information:
- Update to 2.7.3 fixes rhbz#2189912
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 26 2023 Filipe Rosset rosset.filipe@gmail.com - 2.7.3-1
- Update to 2.7.3 fixes rhbz#2189912
* Sat Jan 21 2023 Fedora Release Engineering releng@fedoraproject.org - 2.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Jan 17 2023 Mukundan Ragavan nonamedotc@fedoraproject.org - 2.7.2-1
- Update to v2.7.2
* Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 2.7.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------