The following Fedora 36 Security updates need testing:
Age URL
57
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d
perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36
11
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e821b64a4c
edk2-20221117gitfff6d81270b5-14.fc36
10
https://bodhi.fedoraproject.org/updates/FEDORA-2023-dad0295b25 xen-4.16.3-3.fc36
8
https://bodhi.fedoraproject.org/updates/FEDORA-2023-30e81e5293
c-ares-1.19.0-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2023-672f668f51
python-cryptography-36.0.0-4.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2023-ce66f112b2
golang-1.19.6-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d775d93be
python-django3-3.2.18-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-051e9ea171
stb-0^20230129git5736b15-0.2.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-ac5e1832f9 usd-22.03-10.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2023-7bd6fbb5fa
rust-sequoia-octopus-librnp-1.4.1-5.fc36 rust-sequoia-sop-0.26.1-5.fc36
rust-sequoia-sq-0.26.0-5.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4fc4c33f2b gnutls-3.8.0-1.fc36
guile-gnutls-3.7.11-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-c230cc08c4
perl-HTTP-Daemon-6.16-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4afddd37a9
libtpms-0.9.6-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
71
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050 gdb-12.1-3.fc36
57
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d
perl-Alien-ProtoBuf-0.09-17.fc36 protobuf-3.19.6-1.fc36
14
https://bodhi.fedoraproject.org/updates/FEDORA-2023-13f71d04fc
gnome-shell-42.8-1.fc36 mutter-42.8-1.fc36
12
https://bodhi.fedoraproject.org/updates/FEDORA-2023-d7c4ff86aa
samba-4.16.9-0.fc36
12
https://bodhi.fedoraproject.org/updates/FEDORA-2023-a8bbed482b koji-1.32.0-1.fc36
12
https://bodhi.fedoraproject.org/updates/FEDORA-2023-1d4621df55
pipewire-0.3.66-1.fc36
12
https://bodhi.fedoraproject.org/updates/FEDORA-2023-68f9a577c2
appstream-data-36-6.fc36
11
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e821b64a4c
edk2-20221117gitfff6d81270b5-14.fc36
10
https://bodhi.fedoraproject.org/updates/FEDORA-2023-dad0295b25 xen-4.16.3-3.fc36
9
https://bodhi.fedoraproject.org/updates/FEDORA-2023-8cbe8590ed
rust-rav1e-0.5.0-8.fc36
8
https://bodhi.fedoraproject.org/updates/FEDORA-2023-30e81e5293
c-ares-1.19.0-1.fc36
8
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4b7992f752
fedora-appstream-metadata-20230220-1.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2023-3ab01cdee2
freerdp-2.10.0-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2023-7d1e4f8e5e ethtool-6.2-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2023-672f668f51
python-cryptography-36.0.0-4.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-f598efbe30
kf5-kidletime-5.103.0-2.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-aba8530e65
xorg-x11-drv-amdgpu-23.0.0-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2023-edb120eb86 ndctl-76.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4fc4c33f2b gnutls-3.8.0-1.fc36
guile-gnutls-3.7.11-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4afddd37a9
libtpms-0.9.6-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-f52c618667
annobin-11.11-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2023-6b4844e6b7
zchunk-1.3.0-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
CGAL-5.4.4-1.fc36
aqbanking-6.5.4-1.fc36
caddy-2.4.6-6.fc36
centpkg-0.7.1-1.fc36
cmake-3.26.0~rc5-1.fc36
cryptobone-1.5-1.fc36
fedpkg-1.44-2.fc36
fotoxx-23.2-1.fc36
golang-github-rivo-uniseg-0.4.4-2.fc36
google-api-python-client-2.80.0-1.fc36
mrack-1.13.3-1.fc36
obs-build-20230228-415.1.1.fc36
osbuild-composer-76-1.fc36
python-jenkins-job-builder-4.3.0-1.fc36
python-productmd-1.35-1.fc36
qatlib-23.02.0-1.fc36
redis-6.2.11-1.fc36
rpkg-1.66-3.fc36
rust-bytemuck-1.13.1-1.fc36
rust-memsec-0.6.3-1.fc36
rust-tokio-1.26.0-1.fc36
selint-1.4.0-1.fc36
tigervnc-1.13.1-1.fc36
tkrzw-1.0.26-1.fc36
Details about builds:
================================================================================
CGAL-5.4.4-1.fc36 (FEDORA-2023-bedeafe761)
Computational Geometry Algorithms Library
--------------------------------------------------------------------------------
Update Information:
New upstream release: [
CGAL-5.4.4](https://www.cgal.org/2023/02/28/cgal5.4.4/)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Laurent Rineau <laurent.rineau(a)cgal.org> - 5.4.4
- New upstream release
--------------------------------------------------------------------------------
================================================================================
aqbanking-6.5.4-1.fc36 (FEDORA-2023-81ed365679)
A library for online banking functions and financial data import/export
--------------------------------------------------------------------------------
Update Information:
6.5.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 6.5.4-1
- 6.5.4
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.5.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Oct 10 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 6.5.3-2
- Enable libchipcard.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174507 - aqbanking-6.5.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174507
--------------------------------------------------------------------------------
================================================================================
caddy-2.4.6-6.fc36 (FEDORA-2023-a258bed79b)
Web server with automatic HTTPS
--------------------------------------------------------------------------------
Update Information:
Backport of upstream fix for CVE-2022-29718.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Carl George <carl(a)george.computer> - 2.4.6-6
- Backport of upstream fix for CVE-2022-29718
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2096860 - CVE-2022-29718 caddy: unauthenticated open redirect vulnerability
[fedora-36]
https://bugzilla.redhat.com/show_bug.cgi?id=2096860
--------------------------------------------------------------------------------
================================================================================
centpkg-0.7.1-1.fc36 (FEDORA-2023-d0c383ae8c)
CentOS utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Troy Dawson <tdawson(a)redhat.com> - 0.7.1-1
- Latest upstream
* Tue Feb 28 2023 Troy Dawson <tdawson(a)redhat.com> - 0.7.0-1
- Latest upstream - adds --rhel-target feature
* Wed Jan 18 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.9-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cmake-3.26.0~rc5-1.fc36 (FEDORA-2023-b994e90ecf)
Cross-platform make system
--------------------------------------------------------------------------------
Update Information:
Update to cmake-3.26.0-rc5.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.26.0~rc5-1
- cmake-3.26.0-rc5
* Wed Feb 22 2023 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.26.0~rc4-1
- cmake-3.26.0-rc4
Fixes rhbz#2172604
* Wed Feb 15 2023 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.26.0~rc3-1
- cmake-3.26.0-rc3
Fixes rhbz#2170100
* Thu Feb 9 2023 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.26.0~rc2-1
- cmake-3.26.0-rc2
Fixes rhbz#2167064
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174456 - cmake-3.26.0-rc5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174456
--------------------------------------------------------------------------------
================================================================================
cryptobone-1.5-1.fc36 (FEDORA-2023-bf07c3edab)
Secure Communication Under Your Control
--------------------------------------------------------------------------------
Update Information:
This is a major update that improves the mail exchange and GUI.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 28 2023 Ralf Senderek <innovation(a)senderek.ie> - 1.5-1
- Update email transport and GUI
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.44-2.fc36 (FEDORA-2023-a807dcedb5)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
A new release presents these changes: *
https://docs.pagure.org/fedpkg/releases/1.44.html *
https://docs.pagure.org/rpkg/releases/1.66.html +Patch
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e7db0e991f
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.44-2
- Require a bumped rpkg version
* Mon Feb 20 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.44-1
- Do not execute unittests for old bodhi-client (onosek)
- New command `disable-monitoring` (onosek)
- Set default_branch_merge to 'rawhide' (otto.liljalaakso)
- `fedpkg update`: can handle $EDITOR with arguments - #492 (onosek)
- Add Jenkinsfile for CI (onosek)
* Mon Jan 30 2023 Miro Hron��ok <mhroncok(a)redhat.com> - 1.43-3
- Rebuilt to change Python shebangs to /usr/bin/python3.6 on EPEL 8
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.43-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fotoxx-23.2-1.fc36 (FEDORA-2023-5efc3556ca)
Photo editor
--------------------------------------------------------------------------------
Update Information:
23.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Gwyn Ciesla <gwync(a)protonmail.com> - 23.2-1
- 23.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2174357 - fotoxx-23.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174357
--------------------------------------------------------------------------------
================================================================================
golang-github-rivo-uniseg-0.4.4-2.fc36 (FEDORA-2023-2c549227c6)
Unicode Text Segmentation, Word Wrapping, and String Width Calculation in Go
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 0.4.4-2
- Update to 0.4.4 - Closes rhbz#2172526
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 0.4.4-1
- Update to 0.4.4 - Closes rhbz#2172526
* Thu Jan 19 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
google-api-python-client-2.80.0-1.fc36 (FEDORA-2023-7a61bc8bd4)
Google APIs Client Library for Python
--------------------------------------------------------------------------------
Update Information:
Update to 2.80.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Mikel Olasagasti Uranga <mikel(a)olasagasti.info> - 2:2.80.0-1
- Update to 2.80.0 - Closes rhbz#2172245
--------------------------------------------------------------------------------
================================================================================
mrack-1.13.3-1.fc36 (FEDORA-2023-02b95f8dd3)
Multicloud use-case based multihost async provisioner
--------------------------------------------------------------------------------
Update Information:
Automatic update for mrack-1.13.3-1.fc36. ##### **Changelog for mrack** ``` *
Wed Mar 01 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.3-1 - 0f62237
fix(OpenStack): await loading limits to not break provisioning (Tibor Dudl��k) *
Wed Mar 01 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.2-1 - 06f18d1 fix: Use
get method when host error object is a dictionary (Tibor Dudl��k) - fd33d68
fix(Beaker): rerurn common dictionary when validation fails (Tibor Dudl��k) -
b6c5ef4 fix(OpenStack): Add exception parameter when validation fails (Tibor
Dudl��k) - fa2c779 fix(OpenStack): load limits properly by one method (Tibor
Dudl��k) - 61e515f chore: change back mrack dist release to 1 (Tibor Dudl��k) ```
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.3-1
- 0f62237 fix(OpenStack): await loading limits to not break provisioning (Tibor Dudl��k)
* Wed Mar 1 2023 Tibor Dudl��k <tdudlak(a)redhat.com> - 1.13.2-1
- 06f18d1 fix: Use get method when host error object is a dictionary (Tibor Dudl��k)
- fd33d68 fix(Beaker): rerurn common dictionary when validation fails (Tibor Dudl��k)
- b6c5ef4 fix(OpenStack): Add exception parameter when validation fails (Tibor Dudl��k)
- fa2c779 fix(OpenStack): load limits properly by one method (Tibor Dudl��k)
- 61e515f chore: change back mrack dist release to 1 (Tibor Dudl��k)
--------------------------------------------------------------------------------
================================================================================
obs-build-20230228-415.1.1.fc36 (FEDORA-2023-29c2858b74)
A generic package build script
--------------------------------------------------------------------------------
Update Information:
New upstream release 20230228 ---- New upstream release 20230215
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 20230228-1
- New upstream release 20230228, fixes rhbz#2174169
* Tue Feb 21 2023 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 20230215-1
- New upstream release 20230215, fixes rhbz#2169991
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2169991 - obs-build-20230215 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2169991
[ 2 ] Bug #2174169 - obs-build-20230228 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174169
--------------------------------------------------------------------------------
================================================================================
osbuild-composer-76-1.fc36 (FEDORA-2023-f68e4de617)
An image building service based on osbuild
--------------------------------------------------------------------------------
Update Information:
Automatic update for osbuild-composer-76-1.fc36. ##### **Changelog for osbuild-
composer** ``` * Wed Mar 01 2023 Packit <hello(a)packit.dev> - 76-1 Changes with
76 ---------------- * Fix CIV_OPTIONS bug (#3297) * Update test suite after
rebase to weldr-client-35.9 (#3296) * distro: assign pipeline-specific repos
to package sets (#3291) * ignition: enable systemd firstboot condition through
kargs (#3308) Contributions from: Achilleas Koutsou, Alexander Todorov, Antonio
Murdaca, Juan Abia ��� Somewhere on the Internet, 2023-03-01 * Wed Feb 22 2023
Packit <hello(a)packit.dev> - 75-1 Changes with 75 ---------------- * Blueprint:
add support for custom files and directories in `/etc` (#3281) * Image info:
Update from manifest-db (#3278) * `edge-simplified-installer` allows User &
Group customizations (#3285) * cloudapi: Add subscription option for rhc
(#3240) * internal/prometheus: add more buckets for job durations (#3273) *
osbuild-worker/koji: Add logging for koji requests/responses (#3252) * rhel:
fix conditionals for sysroot.readonly enablement (#3276) * test/cases: move
CIV options into a variable (#3279) Contributions from: Antonio Murdaca, Brian
C. Lane, Diaa Sami, Irene Diez, Jakub Rusz, Juan Abia, Mario Cattamo, Sanne
Raymaekers, Thomas Lavocat, Tom���� Hozza, Xiaofeng Wang ��� Somewhere on the
Internet, 2023-02-22 ``` ---- Automatic update for osbuild-
composer-75-1.fc36. ##### **Changelog for osbuild-composer** ``` * Wed Feb 22
2023 Packit <hello(a)packit.dev> - 75-1 Changes with 75 ---------------- *
Blueprint: add support for custom files and directories in `/etc` (#3281) *
Image info: Update from manifest-db (#3278) * `edge-simplified-installer`
allows User & Group customizations (#3285) * cloudapi: Add subscription option
for rhc (#3240) * internal/prometheus: add more buckets for job durations
(#3273) * osbuild-worker/koji: Add logging for koji requests/responses (#3252)
* rhel: fix conditionals for sysroot.readonly enablement (#3276) * test/cases:
move CIV options into a variable (#3279) Contributions from: Antonio Murdaca,
Brian C. Lane, Diaa Sami, Irene Diez, Jakub Rusz, Juan Abia, Mario Cattamo,
Sanne Raymaekers, Thomas Lavocat, Tom���� Hozza, Xiaofeng Wang ��� Somewhere on the
Internet, 2023-02-22 ```
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Packit <hello(a)packit.dev> - 76-1
Changes with 76
----------------
* Fix CIV_OPTIONS bug (#3297)
* Update test suite after rebase to weldr-client-35.9 (#3296)
* distro: assign pipeline-specific repos to package sets (#3291)
* ignition: enable systemd firstboot condition through kargs (#3308)
Contributions from: Achilleas Koutsou, Alexander Todorov, Antonio Murdaca, Juan Abia
��� Somewhere on the Internet, 2023-03-01
* Wed Feb 22 2023 Packit <hello(a)packit.dev> - 75-1
Changes with 75
----------------
* Blueprint: add support for custom files and directories in `/etc` (#3281)
* Image info: Update from manifest-db (#3278)
* `edge-simplified-installer` allows User & Group customizations (#3285)
* cloudapi: Add subscription option for rhc (#3240)
* internal/prometheus: add more buckets for job durations (#3273)
* osbuild-worker/koji: Add logging for koji requests/responses (#3252)
* rhel: fix conditionals for sysroot.readonly enablement (#3276)
* test/cases: move CIV options into a variable (#3279)
Contributions from: Antonio Murdaca, Brian C. Lane, Diaa Sami, Irene Diez, Jakub Rusz,
Juan Abia, Mario Cattamo, Sanne Raymaekers, Thomas Lavocat, Tom���� Hozza, Xiaofeng Wang
��� Somewhere on the Internet, 2023-02-22
--------------------------------------------------------------------------------
================================================================================
python-jenkins-job-builder-4.3.0-1.fc36 (FEDORA-2023-49de1b2b19)
Manage Jenkins jobs with YAML
--------------------------------------------------------------------------------
Update Information:
Update to 4.3.0 (rhbz#2173887)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Christoph Erhardt <fedora(a)sicherha.de> - 1:4.3.0-1
- Update to 4.3.0 (rhbz#2173887)
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:4.1.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173887 - python-jenkins-job-builder-4.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2173887
--------------------------------------------------------------------------------
================================================================================
python-productmd-1.35-1.fc36 (FEDORA-2023-7f93ad4312)
Library providing parsers for metadata related to OS installation
--------------------------------------------------------------------------------
Update Information:
Rebased to latest upstream release. * Fix support for obtaining metadata via
FTP * Add `vhd-compressed` image type * Add support for EulerOS
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.35-1
- New upstream release 1.35
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.33-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.33-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 1.33-5
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173937 - python-productmd-1.34 is now available
https://bugzilla.redhat.com/show_bug.cgi?id=2173937
--------------------------------------------------------------------------------
================================================================================
qatlib-23.02.0-1.fc36 (FEDORA-2023-743bebe40e)
Intel QuickAssist user space library
--------------------------------------------------------------------------------
Update Information:
Update to qatlib 23.02.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 24 2023 Giovanni Cabiddu <giovanni.cabiddu(a)intel.com> - 23.02.0-1
- Update to qatlib 23.02.0
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 22.07.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
redis-6.2.11-1.fc36 (FEDORA-2023-7a98e2d545)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
**Redis 6.2.11** - Released Tue Feb 28 12:00:00 IST 2023 Upgrade urgency:
SECURITY, contains fixes to security issues. Security Fixes: *
(**CVE-2023-25155**) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion and
termination of the Redis server process. * (**CVE-2022-36021**) String matching
commands (like SCAN or KEYS) with a specially crafted pattern to trigger a
denial-of-service attack on Redis, causing it to hang and consume 100% CPU
time. Bug Fixes * Fix a crash when reaching the maximum invalidations limit of
client-side tracking (#11814) * Fix cluster inbound link keepalive time (#11785)
* Make sure that fork child doesn't do incremental rehashing (#11692)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Remi Collet <remi(a)remirepo.net> - 6.2.11-1
- Upstream 6.2.11 release.
--------------------------------------------------------------------------------
================================================================================
rpkg-1.66-3.fc36 (FEDORA-2023-a807dcedb5)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
A new release presents these changes: *
https://docs.pagure.org/fedpkg/releases/1.44.html *
https://docs.pagure.org/rpkg/releases/1.66.html +Patch
https://bodhi.fedoraproject.org/updates/FEDORA-2023-e7db0e991f
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-3
- Patch: Process source URLs with fragment in pre-push hook
- Patch: container-build: update --signing-intent help for OSBS 2
* Tue Feb 21 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-2
- rebuild for unification of all branches
* Mon Feb 20 2023 Ond��ej Nosek <onosek(a)redhat.com> - 1.66-1
- container-build: document --compose-ids overrides any new composes (kdreyer)
- Use srpm when scratch-building from dirty repo - #652 (otto.liljalaakso)
- Code cleanup in tests/test_cli.py (otto.liljalaakso)
- Reduce indentation in assert_build helper (otto.liljalaakso)
- Allow empty commits - 494 (msuchy)
- Allow forcing download of all sources - #650 (otto.liljalaakso)
- Add test case for not downloading unused sources (otto.liljalaakso)
- Support 'results_dir=subdir' when building from srpm - #648
(otto.liljalaakso)
- Use local branch name as release when there is no remote (otto.liljalaakso)
- Allow downstreams to define a default release (otto.liljalaakso)
- Switch load_branch_merge to use multiple return (otto.liljalaakso)
- Unittests for 'git push' hook script (onosek)
- Checking a repo configuration before 'git push' with a git hook script - 491
(onosek)
- Fix skipping NVR check with autorelease (nils)
- pyrpkg.spec.SpecFile: More lenient parser for Source/Patch lines (fweimer)
- Fix URL in CHANGELOG.rst (tmz)
- Add Jenkinsfile for CI (onosek)
- mockbuild: escape rpm command under mock - rhbz#2130349 (onosek)
- Fixes for exploded SRPM layouts - #633 (tdawson)
- `fedpkg local` does not show rpmbuild output - rhbz#2124809 (onosek)
--------------------------------------------------------------------------------
================================================================================
rust-bytemuck-1.13.1-1.fc36 (FEDORA-2023-23a9973a2b)
Crate for mucking around with piles of bytes
--------------------------------------------------------------------------------
Update Information:
Update to version 1.13.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.13.1-1
- Update to version 1.13.1; Fixes RHBZ#2174225
--------------------------------------------------------------------------------
================================================================================
rust-memsec-0.6.3-1.fc36 (FEDORA-2023-39a3718e0d)
Rust implementation of libsodium/utils
--------------------------------------------------------------------------------
Update Information:
Update to version 0.6.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 0.6.3-1
- Update to version 0.6.3; Fixes RHBZ#2174347
* Fri Jan 20 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rust-tokio-1.26.0-1.fc36 (FEDORA-2023-77a730e89d)
Event-driven, non-blocking I/O platform
--------------------------------------------------------------------------------
Update Information:
Update to version 1.26.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Fabio Valentini <decathorpe(a)gmail.com> - 1.26.0-1
- Update to version 1.26.0; Fixes RHBZ#2174594
--------------------------------------------------------------------------------
================================================================================
selint-1.4.0-1.fc36 (FEDORA-2023-be812e768d)
Static code analysis tool for SELinux policy source files
--------------------------------------------------------------------------------
Update Information:
New Fedora package
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 8 2023 Juraj Marcin <juraj(a)jurajmarcin.com> - 1.4.0-1
- v 1.4.0
* Mon Dec 19 2022 Vit Mojzis <vmojzis(a)redhat.com> - 1.3.0-1
- v 1.3.0
- Silence warning in bison generated code
- Drop dead stores
- Declare file local variable static
- Drop duplicate semicolons
- Add missing fall through comment
- Drop duplicate include
- Update URLs after repository move
- Add check example for W-012
- Add new check to warn about incorrect usage of audit_access permission
- Warn on duplicate policy configuration files
- Reduce recursion in free_policy_node
- Support disable commands for tunable conditions
- Support ifn?def in .if files
* Fri Sep 2 2022 Vit Mojzis <vmojzis(a)redhat.com> - 1.2.1-3
- v 1.2.1
--------------------------------------------------------------------------------
================================================================================
tigervnc-1.13.1-1.fc36 (FEDORA-2023-c41e8f24bb)
A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:
Tigervnc 1.13.1 update. CVE-2023-0494 tigervnc: xorg-x11-server:
DeepCopyPointerClasses use-after-free leads to privilege elevation
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.13.1-1
- 1.13.1
* Tue Feb 21 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.13.0-3
- vncsession: allow to create .vnc directory
* Wed Feb 15 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.13.0-2
- Backport: Sanity check when cleaning up keymap changes
* Tue Feb 7 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.13.0-1
- 1.13.0
- CVE-2023-0494
* Tue Jan 31 2023 Jan Grulich <jgrulich(a)redhat.com> - 1.12.0-9
- migrated to SPDX license
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.12.0-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.12.0-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses
use-after-free leads to privilege elevation
https://bugzilla.redhat.com/show_bug.cgi?id=2165995
--------------------------------------------------------------------------------
================================================================================
tkrzw-1.0.26-1.fc36 (FEDORA-2023-85ab2c5407)
A straightforward implementation of DBM
--------------------------------------------------------------------------------
Update Information:
Version bump ---- Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 1 2023 TI_Eugene <ti.eugene(a)gmail.com> - 1.0.26-1
- Version bump
* Tue Feb 28 2023 TI_Eugene <ti.eugene(a)gmail.com> - 1.0.25-1
- Version bump
* Sat Jan 21 2023 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.24-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.24-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------