The following Fedora 33 Security updates need testing:
Age  URL
 18  https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c   shim-15.4-1
 13  https://bodhi.fedoraproject.org/updates/FEDORA-2021-c56a213327   skopeo-1.2.3-1.fc33
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2021-ab6e2a0828   p7zip-16.02-20.fc33
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2021-4a17f0225d   ansible-2.9.20-1.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-f925ef1e2a   pngcheck-2.4.0-8.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-cfdc434610   libtpms-0.8.2-0.20210426git729fc6a4ca.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-88d24aa32b   perl-Image-ExifTool-12.16-3.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-90b4716992   axel-2.17.10-1.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-d4149ff7fb   libmicrohttpd-0.9.73-1.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-dd62918333   python-yara-4.1.0-1.fc33 yara-4.1.0-1.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-05a145ee27   php-7.4.18-1.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-3f975f68c8   python-pygments-2.6.1-6.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-b9093bc6c6   java-latest-openjdk-16.0.1.0.9-1.rolling.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age  URL
 37  https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb   PackageKit-1.2.3-1.fc33
 20  https://bodhi.fedoraproject.org/updates/FEDORA-2021-e8f2b4555f   libbluray-1.3.0-1.fc33
 14  https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fcde60f54   xdg-desktop-portal-1.8.1-2.fc33
 10  https://bodhi.fedoraproject.org/updates/FEDORA-2021-447fb19490   createrepo_c-0.17.2-1.fc33 dnf-4.7.0-1.fc33 dnf-plugins-core-4.0.21-1.fc33
     libdnf-0.62.0-1.fc33 librepo-1.14.0-1.fc33 microdnf-3.8.0-1.fc33
 10  https://bodhi.fedoraproject.org/updates/FEDORA-2021-a5cba1894e   mtools-4.0.27-1.fc33
 10  https://bodhi.fedoraproject.org/updates/FEDORA-2021-e50f4a64ac   plymouth-0.9.5-2.20210331git1ea1020.fc33
  7  https://bodhi.fedoraproject.org/updates/FEDORA-2021-45b9b30892   evolution-data-server-3.38.4-2.fc33
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2021-604697bc65   gnome-online-accounts-3.38.2-1.fc33
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2021-f1f18d78a6   nfs-utils-2.5.3-2.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-56ab6d4bcc   osinfo-db-20210426-1.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-6761b1adac   shadow-utils-4.8.1-6.fc33
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-988350dcad   poppler-0.90.0-7.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-353ac32f40   xdg-utils-1.1.3-9.fc33
  1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-610deea5b8   pipewire-0.3.26-2.fc33
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-ea13091639   gnome-software-3.38.2-2.fc33
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-55842d68c9   kernel-5.11.17-200.fc33
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-050d4e8def   selinux-policy-3.14.6-37.fc33
The following builds have been pushed to Fedora 33 updates-testing
ardour6-6.6.0-1.fc33
dcfldd-1.7-1.fc33
dd_rescue-1.99.11-1.fc33
dialog-1.3-29.20210117.fc33
exiv2-0.27.3-6.fc33
fedora-repos-33-5
fedora-upgrade-34.3-1.fc33
iaito-5.2.2-1.fc33
kirigami-gallery-21.04.0-1.fc33
php-laminas-cache-2.10.2-1.fc33
php-pear-Net-Sieve-1.4.5-1.fc33
pungi-4.2.9-1.fc33
qt5-qtwayland-5.15.2-6.fc33
rpm-ostree-2021.4-3.fc33
samba-4.13.8-0.fc33
stalld-1.10-1.fc33
vdr-osdteletext-2.1.1-1.fc33
Details about builds:
================================================================================
ardour6-6.6.0-1.fc33 (FEDORA-2021-ab9406e9e1)
Digital Audio Workstation
--------------------------------------------------------------------------------
Update Information:
Upstream bugfix and enhancement release. For details, refer to the
[upstream release announcement](https://discourse.ardour.org/t/ardour-6-6-is-released/105521).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 24 2021 Guido Aulisi <guido.aulisi(a)gmail.com> - 6.6.0-1
- Version 6.6.0
- Fix FTBFS with GCC 11
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.5.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
dcfldd-1.7-1.fc33 (FEDORA-2021-7b305028ce)
Improved dd, useful for forensics and security
--------------------------------------------------------------------------------
Update Information:
switch to fork https://github.com/resurrecting-open-source-projects/dcfldd
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2021 Michal Ambroz <rebus at, seznam.cz> - 1.7-1
- switch to fork https://github.com/resurrecting-open-source-projects/dcfldd
- bump to version 1.7
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.4.1-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1955105 - dcfldd-1.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1955105
--------------------------------------------------------------------------------
================================================================================
dd_rescue-1.99.11-1.fc33 (FEDORA-2021-75087c3782)
Fault tolerant "dd" utility for rescuing data from bad media
--------------------------------------------------------------------------------
Update Information:
bump to 1.99.11 ---- Update to dd_rescue-1.99.10, keeping dd_rhelp-0.3.0.
---- Update to dd_rescue-1.99.9, keeping dd_rhelp-0.3.0.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Michal Ambroz <rebus AT seznam dot cz> - 1.99.11-1
- bump to 1.99.11
* Mon Mar 8 2021 Hans Ulrich Niedermann <hun(a)n-dimensional.de> - 1.99.10-14
- Update to dd_rescue-1.99.10 and dd_rhelp-0.3.0
* Sat Feb 27 2021 Hans Ulrich Niedermann <hun(a)n-dimensional.de> - 1.99.9-13
- Update to dd_rescue-1.99.9 and dd_rhelp-0.3.0
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.99.8-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Sep 28 2020 Jeff Law <law(a)redhat.com> - 1.99.8-12
- Re-enable LTO as upstream GCC target/96939 has been fixed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933416 - dd_rescue-1.99.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1933416
[ 2 ] Bug #1936356 - dd_rescue-1.99.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1936356
[ 3 ] Bug #1955030 - dd_rescue-1.99.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1955030
--------------------------------------------------------------------------------
================================================================================
dialog-1.3-29.20210117.fc33 (FEDORA-2021-011a6f4562)
A utility for creating TTY dialog boxes
--------------------------------------------------------------------------------
Update Information:
Update to a newer upstream release, which fixes a bug with the --pause option.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 18 2021 Miroslav Lichvar <mlichvar(a)redhat.com> - 1.3-29.20210117
- update to 1.3-20210117
* Fri Nov 27 2020 Miroslav Lichvar <mlichvar(a)redhat.com> - 1.3-28.20201126
- update to 1.3-20201126
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1954883 - Version: 1.3-20200327 has bug with --pause option.
https://bugzilla.redhat.com/show_bug.cgi?id=1954883
--------------------------------------------------------------------------------
================================================================================
exiv2-0.27.3-6.fc33 (FEDORA-2021-be94728b95)
Exif and Iptc metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
Exiv2 update fixing security issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Jan Grulich <jgrulich(a)redhat.com> - 0.27.3-6
- CVE-2021-3482: Fix heap-based buffer overflow in Jp2Image::readMetadata()
CVE-2021-29458 exiv2: out-of-bounds read in Exiv2::Internal::CrwMap::encode
CVE-2021-29457 exiv2: heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata
CVE-2021-29470 exiv2: out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
CVE-2021-29473 exiv2: out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.27.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1946315 - CVE-2021-3482 exiv2: heap-based buffer overflow in
Jp2Image::readMetadata() in jp2image.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1946315
[ 2 ] Bug #1952608 - CVE-2021-29458 exiv2: out-of-bounds read in
Exiv2::Internal::CrwMap::encode [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1952608
[ 3 ] Bug #1952613 - CVE-2021-29457 exiv2: heap-based buffer overflow in
Exiv2::Jp2Image::doWriteMetadata [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1952613
[ 4 ] Bug #1953709 - CVE-2021-29470 exiv2: out-of-bounds read in
Exiv2::Jp2Image::encodeJp2Header [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1953709
[ 5 ] Bug #1954066 - CVE-2021-29473 exiv2: out-of-bounds read in
Exiv2::Jp2Image::doWriteMetadata [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1954066
--------------------------------------------------------------------------------
================================================================================
fedora-repos-33-5 (FEDORA-2021-1fa34fec98)
Fedora package repositories
--------------------------------------------------------------------------------
Update Information:
Enable archived repository in non rawhide releases
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2021 Dusty Mabe <dusty(a)dustymabe.com> - 33-5
- Enable the updates archive repo on non-rawhide.
--------------------------------------------------------------------------------
================================================================================
fedora-upgrade-34.3-1.fc33 (FEDORA-2021-34ba18015f)
Upgrade Fedora to next version using dnf upgrade (unofficial tool)
--------------------------------------------------------------------------------
Update Information:
removed prerelease test for F34
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Miroslav Suchý <msuchy(a)redhat.com> 34.3-1
- remove prerelease test for F34
--------------------------------------------------------------------------------
================================================================================
iaito-5.2.2-1.fc33 (FEDORA-2021-7582a9f7f3)
GUI for radare2 reverse engineering framework
--------------------------------------------------------------------------------
Update Information:
bump to 5.2.2 ---- bump to 5.2.1
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1954370 - iaito-5.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1954370
--------------------------------------------------------------------------------
================================================================================
kirigami-gallery-21.04.0-1.fc33 (FEDORA-2021-ba4f2b390f)
Gallery application built using Kirigami
--------------------------------------------------------------------------------
Update Information:
``` * Wed Apr 28 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 21.04.0-1
- 21.04.0 ```
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 21.04.0-1
- 21.04.0
* Mon Apr 12 2021 Onuralp SEZER <thunderbirdtr(a)fedoraproject.org> 21.03.90-3
- requirement : breeze-icon-theme added.
* Mon Apr 12 2021 Onuralp SEZER <thunderbirdtr(a)fedoraproject.org> 21.03.90-2
- F35FailsToInstall fix (#1948402)
* Sat Apr 10 2021 Onuralp SEZER <thunderbirdtr(a)fedoraproject.org> 21.03.90-1
- 21.03.90 (#1943793)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1952648 - kirigami-gallery-21.04.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1952648
--------------------------------------------------------------------------------
================================================================================
php-laminas-cache-2.10.2-1.fc33 (FEDORA-2021-1b6968848d)
Laminas Framework Cache component
--------------------------------------------------------------------------------
Update Information:
**Version 2.10.2** Fixed * The decorator for PSR-6 CacheItemPool assumed
that a deletion was successful even if the underlying storage failed to delete
these items.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Remi Collet <remi(a)remirepo.net> - 2.10.2-1
- update to 2.10.2
- update laminas-cache-storage-adapter-filesystem to 1.1.1
- update laminas-cache-storage-adapter-memcached to 1.1.0
- update laminas-cache-storage-adapter-memory to 1.1.0
- update laminas-cache-storage-adapter-test to 1.1.1
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-Sieve-1.4.5-1.fc33 (FEDORA-2021-db0498f712)
Handles talking to a sieve server
--------------------------------------------------------------------------------
Update Information:
**Version 1.4.5** * Support XOAUTH2 authorization method
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Remi Collet <remi(a)remirepo.net> - 1.4.5-1
- update to 1.4.5
--------------------------------------------------------------------------------
================================================================================
pungi-4.2.9-1.fc33 (FEDORA-2021-9af76fe9fa)
Distribution compose tool
--------------------------------------------------------------------------------
Update Information:
New upstream release 4.2.9
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 onosek - 4.2.9-1
- New upstream release 4.2.9
- Fix can't link XDEV using repos as pkgset_sources (romain.forlot)
- Updated the deprecated ks argument name (to the current inst.ks) (lveyde)
- gather: Adjust reusing with lookaside (hlin)
- hybrid: Optimize getting lookaside packages (lsedlar)
- gather: Copy old logs when reusing gather result (hlin)
- Cancel koji tasks when pungi terminated (hlin)
- Add Dockerfile for building testing image (hlin)
- image_container: Fix incorrect arch processing (lsedlar)
- runroot: Adjust permissions always (hlin)
- Format code (hlin)
- pkgset: Fix meaning of retries (lsedlar)
- pkgset: Store module tag only if module is used (lsedlar)
- Store extended traceback for gather errors (lsedlar)
--------------------------------------------------------------------------------
================================================================================
qt5-qtwayland-5.15.2-6.fc33 (FEDORA-2021-d6696fafa9)
Qt5 - Wayland platform support and QtCompositor module
--------------------------------------------------------------------------------
Update Information:
Include fixes from invent.kde.org repo
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 27 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 5.15.2-6
- Pull in latest fixes from https://invent.kde.org/qt/qt/qtwayland
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1940968 - Diacritics cannot be type using dead keys under Wayland
https://bugzilla.redhat.com/show_bug.cgi?id=1940968
--------------------------------------------------------------------------------
================================================================================
rpm-ostree-2021.4-3.fc33 (FEDORA-2021-b724063bdc)
Hybrid image/package system
--------------------------------------------------------------------------------
Update Information:
For https://pagure.io/fedora-infrastructure/issue/9909
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2021 Colin Walters <walters(a)verbum.org> - 2021.4-3
- Backport another patch for https://pagure.io/fedora-infrastructure/issue/9909
* Tue Apr 27 2021 Colin Walters <walters(a)verbum.org> - 2021.4-2
- Backport patch for https://pagure.io/fedora-infrastructure/issue/9909
--------------------------------------------------------------------------------
================================================================================
samba-4.13.8-0.fc33 (FEDORA-2021-1d0807008b)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.13.8 - Security fixes for CVE-2021-20254
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Guenther Deschner <gdeschner(a)redhat.com> - 4.13.8-0
- Update to Samba 4.13.8
- resolves: #1949442, #1955027 - Security fixes for CVE-2021-20254
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1949442 - CVE-2021-20254 samba: Negative idmap cache entries can cause
incorrect group entries in the Samba file server process token
https://bugzilla.redhat.com/show_bug.cgi?id=1949442
--------------------------------------------------------------------------------
================================================================================
stalld-1.10-1.fc33 (FEDORA-2021-ab5498a047)
Daemon that finds starving tasks and gives them a temporary boost
--------------------------------------------------------------------------------
Update Information:
* Tue Apr 27 2021 Clark Williams <williams(a)redhat.com> - 1.10-1 - utils: Fix
bounds check on cpu and end_cpu variables - stalld: Support denylisting of tasks
in stalld - src/utils: use right argument for warning printf
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 27 2021 Clark Williams <williams(a)redhat.com> - 1.10-1
- utils: Fix bounds check on cpu and end_cpu variables
- stalld: Support denylisting of tasks in stalld
- src/utils: use right argument for warning printf
* Tue Mar 2 2021 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 1.9-2
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
--------------------------------------------------------------------------------
================================================================================
vdr-osdteletext-2.1.1-1.fc33 (FEDORA-2021-349ce2f443)
OSD teletext plugin for VDR
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.1-1 ---- Update to 2.1.0-1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.1.1-1
- Update to 2.1.1
* Sat Apr 24 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.1.0-1
- Use correct release tag for 2.1.0
--------------------------------------------------------------------------------