The following Fedora 33 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bf4f2f13a
libtiff-4.1.0-8.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-067c9deff1
python3-docs-3.9.4-1.fc33 python3.9-3.9.4-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2ab6f060d9
python3.8-3.8.9-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-67cbea4608
libpano13-2.9.20-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-33a1b73e48 batik-1.14-2.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-62a5062b2d
dnsmasq-2.85-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2c714d311f
gnuchess-6.2.7-5.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-601ee898f7
singularity-3.7.3-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6385a09efc
ruby-2.7.3-136.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c11da301be
nodejs-14.16.1-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ca1151e997 CImg-2.9.7-1.fc33
gmic-2.9.7-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d1551cdb15
seamonkey-2.53.7-3.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5c81cb03d0
mingw-glib2-2.66.8-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9bd201dd4d
mingw-binutils-2.34-8.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f5f2803fff
leptonica-1.80.0-3.fc33 mingw-leptonica-1.80.0-2.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f4223b6684
mediawiki-1.35.2-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-eadfc56b95
rpm-ostree-2021.4-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
22
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ae83f20d82
appstream-data-33-2.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-bf249a95a9
usbredir-0.9.0-1.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1eee2b3970
libguestfs-1.44.1-1.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f6b07f88e6 bluez-5.58-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bf4f2f13a
libtiff-4.1.0-8.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-70b24b94e2
graphene-1.10.6-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f05e75f3b8
qt5-qtwayland-5.15.2-5.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8d4429eb47
libwacom-1.9-2.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5f581ba2f5
createrepo_c-0.17.1-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-62a5062b2d
dnsmasq-2.85-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e4685c22d1
libtirpc-1.2.6-3.rc4.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e8f2b4555f
libbluray-1.3.0-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-cd076fd3f3
libisoburn-1.5.4-2.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3c4ba0f6d4
libburn-1.5.4-2.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f6339b8be4 fwupd-1.5.9-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d9402f7274
fedora-release-33-4
The following builds have been pushed to Fedora 33 updates-testing
atop-2.6.0-6.fc33
cockpit-242-1.fc33
cockpit-machines-243-1.fc33
cockpit-ostree-185-1.fc33
cockpit-podman-30-1.fc33
cups-2.3.3op2-4.fc33
gthumb-3.10.3-1.fc33
koji-1.24.1-1.fc33
logiops-0.2.3-6.fc33
mpfr-4.1.0-6.fc33
os-autoinst-4.6-35.20210326git24ec8f9.fc33
perl-Crypt-OpenSSL-ECDSA-0.09-1.fc33
php-psr-container-1.1.1-1.fc33
python-tcxreader-0.3.6-2.fc33
python-whois-0.9.9-1.fc33
spamassassin-3.4.6-1.fc33
vdr-osdteletext-2.0.2-2.fc33
volume_key-0.3.12-11.fc33
xorg-x11-server-1.20.11-1.fc33
xorgxrdp-0.2.15-3.fc33
Details about builds:
================================================================================
atop-2.6.0-6.fc33 (FEDORA-2021-9f7491e4a7)
An advanced interactive monitor to view the load on system and process level
--------------------------------------------------------------------------------
Update Information:
Upstream patch to correct service file
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 2.6.0-6
- Upstream patch to fix service file.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1945494 - atop logging doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=1945494
[ 2 ] Bug #1948624 - atop service doesn't parse options correctly on RHEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1948624
--------------------------------------------------------------------------------
================================================================================
cockpit-242-1.fc33 (FEDORA-2021-7a838d55a4)
Web Console for Linux servers
--------------------------------------------------------------------------------
Update Information:
- Support for pages built with snowpack - Machines: Split out to separate
project
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Matej Marusak <mmarusak(a)redhat.com> - 242-1
- Support for pages built with snowpack
- Machines: Split out to separate project
--------------------------------------------------------------------------------
================================================================================
cockpit-machines-243-1.fc33 (FEDORA-2021-d230b3a6a0)
Cockpit user interface for virtual machines
--------------------------------------------------------------------------------
Update Information:
- PatternFly 4 updates - Translation updates - Correctly manage editing of
unknown bus type
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Matej Marusak <mmarusak(a)redhat.com> - 243-1
- PatternFly 4 updates
- Translation updates
- Correctly manage editing of unknown bus type
--------------------------------------------------------------------------------
================================================================================
cockpit-ostree-185-1.fc33 (FEDORA-2021-180687db12)
Cockpit user interface for rpm-ostree
--------------------------------------------------------------------------------
Update Information:
- PatternFly 4 updates
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Matej Marusak <mmarusak(a)redhat.com> - 185-1
- PatternFly 4 updates
--------------------------------------------------------------------------------
================================================================================
cockpit-podman-30-1.fc33 (FEDORA-2021-433a962e75)
Cockpit component for Podman containers
--------------------------------------------------------------------------------
Update Information:
- Translation updates - PatternFly 4 updates - Fix crash with "Used Images"
links
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Matej Marusak <mmarusak(a)redhat.com> - 30-1
- Translation updates
- PatternFly 4 updates
- Fix crash with "Used Images" links
--------------------------------------------------------------------------------
================================================================================
cups-2.3.3op2-4.fc33 (FEDORA-2021-b84cd7da6f)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
1935318 - old samsung USB devices malfunction with the current (250ms) timeout
for usb bulk transaction 1949054 - Use nss-user-lookup.target instead of
sssd.service and ypbind.service 1949068 - Print queue is paused after ipp
backend ends with CUPS_BACKEND_STOP backport setting multi-user.target via
configure, not via drop-in
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.3.3op2-4
- 1935318 - old samsung USB devices malfunction with the current (250ms) timeout for usb
bulk transaction
- 1949054 - Use nss-user-lookup.target instead of sssd.service and ypbind.service
- 1949068 - Print queue is paused after ipp backend ends with CUPS_BACKEND_STOP
- backport setting multi-user.target via configure, not via drop-in
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1935318 - old samsung USB devices malfunction with the current (250ms)
timeout for usb bulk transaction
https://bugzilla.redhat.com/show_bug.cgi?id=1935318
[ 2 ] Bug #1949054 - Use nss-user-lookup.target instead of sssd.service and
ypbind.service
https://bugzilla.redhat.com/show_bug.cgi?id=1949054
[ 3 ] Bug #1949068 - Print queue is paused after ipp backend ends with
CUPS_BACKEND_STOP
https://bugzilla.redhat.com/show_bug.cgi?id=1949068
--------------------------------------------------------------------------------
================================================================================
gthumb-3.10.3-1.fc33 (FEDORA-2021-c7a478c45b)
Image viewer, editor, organizer
--------------------------------------------------------------------------------
Update Information:
gthumb 3.10.3 release with translations updates and build fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Kalev Lember <klember(a)redhat.com> - 1:3.10.3-1
- Update to 3.10.3
--------------------------------------------------------------------------------
================================================================================
koji-1.24.1-1.fc33 (FEDORA-2021-fab0eb0aee)
Build system tools
--------------------------------------------------------------------------------
Update Information:
Update to 1.24.1 upstream bugfix release. See
https://lists.fedorahosted.org/archives/list/koji-
devel(a)lists.fedorahosted.org/thread/EAUPV5BAZS52BBRTWQOMISVGDAV7SAQU/ for more
information.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Kevin Fenzi <kevin(a)scrye.com> - 1.24.1-1
- Update to 1.24.1. Fixes rhbz#1948545
--------------------------------------------------------------------------------
================================================================================
logiops-0.2.3-6.fc33 (FEDORA-2021-15c06bd53c)
Unofficial driver for Logitech mice and keyboard
--------------------------------------------------------------------------------
Update Information:
New version 0.2.3
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Nicolas De Amicis <deamicis(a)bluewin.ch> - 0.2.3-6
- New version 0.2.3
* Wed Mar 31 2021 Jonathan Wakely <jwakely(a)redhat.com> - 0.2.2-5
- Rebuilt for removed libstdc++ symbols (#1937698)
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.2.2-4
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
* Mon Feb 15 2021 Nicolas De Amicis <deamicis(a)bluewin.ch> - 0.2.2-3
- Fix build error (thread import) see bug 1923298
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mpfr-4.1.0-6.fc33 (FEDORA-2021-68031d5fc7)
C library for multiple-precision floating-point computations
--------------------------------------------------------------------------------
Update Information:
This update adds upstream patches 10 and 11. See
https://www.mpfr.org/mpfr-
current/#bugs for more information. Briefly, these patches fix compilation
problems with certain mpfr macros. The library itself has no ABI changes from
the previous build.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Jerry James <loganjerry(a)gmail.com> - 4.1.0-6
- Add upstream patches 10-11
--------------------------------------------------------------------------------
================================================================================
os-autoinst-4.6-35.20210326git24ec8f9.fc33 (FEDORA-2021-186bca5b58)
OS-level test automation
--------------------------------------------------------------------------------
Update Information:
This update is intended to fix two bugs in os-autoinst: a crash on exit that
commonly occurs, and a problem that can occur where a dbus-broker per-UID queued
data limit is exceeded if many tap tests are running simultaneously for too
long.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Adam Williamson <awilliam(a)redhat.com> - 4.6-35.20210326git24ec8f9
- Backport upstream patch to hopefully fix crashes on isotovideo exit (#1667163)
- Try and fix dbus limit overflows due to persistent dbus connection (POO #90872)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667163 - perl segfault in openqa worker process isotovideo (seems to be
related to opencv threading)
https://bugzilla.redhat.com/show_bug.cgi?id=1667163
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-OpenSSL-ECDSA-0.09-1.fc33 (FEDORA-2021-601e6856e1)
Perl extension for OpenSSL ECDSA (Elliptic Curve Digital Signature Algorithm)
--------------------------------------------------------------------------------
Update Information:
This release incorporate Fedora patches. We deliver it only to provide an up-to-
date version string. We also package upstream tests in a dedicated tests
subpackage.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Petr Pisar <ppisar(a)redhat.com> - 0.09-1
- 1.09 bump
- Package the tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1949332 - perl-Crypt-OpenSSL-ECDSA-0.09 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1949332
--------------------------------------------------------------------------------
================================================================================
php-psr-container-1.1.1-1.fc33 (FEDORA-2021-50f39510e5)
Common Container Interface
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.1** Removed * This release removes the extension of Throwable
by Psr\Container\ContainerInterface, as it leads to inheritance issues when
child classes implement the Throwable interface in addition to
ContainerInterface under PHP versions prior to 7.4. ---- **Version 1.1.0**
Changed * This release modifies Psr\Container\ContainerExceptionInterface to
extend the Throwable interface, ensuring that any implementation can actually be
thrown as an exception type (the original intention of the specification). *
This release adds the string typehint to the $id argument of each of the
Psr\Container\ContainerInterface::get() and
Psr\Container\ContainerInterface::has() methods. These were previously
documented in the annotations and specification, and are added to the interfaces
as part of the PSR-11 type additions errata. Removed * This release removes
support for PHP versions prior to 7.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Remi Collet <remi(a)remirepo.net> - 1.1.1-1
- update to 1.1.1
- raise dependency on PHP 7.2
--------------------------------------------------------------------------------
================================================================================
python-tcxreader-0.3.6-2.fc33 (FEDORA-2021-b9f07af32b)
tcxreader is a parser/reader for Garmin's TCX file format
--------------------------------------------------------------------------------
Update Information:
Enhancement
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.3.6-2
- Editing dependencies (problems with F32 and F33)
* Tue Mar 30 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.3.6-1
- New version - 0.3.6
- Enable tests
* Mon Mar 22 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.3.3-2
- Removing cosmetic macro
* Sun Mar 14 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.3.3-1
- New version - 0.3.3
--------------------------------------------------------------------------------
================================================================================
python-whois-0.9.9-1.fc33 (FEDORA-2021-60de34c145)
Python module for retrieving WHOIS information of domains
--------------------------------------------------------------------------------
Update Information:
Update to version 0.9.9
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 13 2021 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 0.9.9-1
- Update to version 0.9.9
--------------------------------------------------------------------------------
================================================================================
spamassassin-3.4.6-1.fc33 (FEDORA-2021-3b7917059c)
Spam filter for email which can be invoked from mail delivery agents
--------------------------------------------------------------------------------
Update Information:
New release 3.4.6 (#1948520) ---- Bump config version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Pavel Zhukov <pzhukov(a)redhat.com> - 3.4.6-1
- New release 3.4.6 (#1948520)
* Tue Apr 6 2021 Pavel Zhukov <landgraf(a)fedoraproject.org> - 3.4.5-2
- Bump config version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1946175 - requires version 3.004004 of SpamAssassin, but this is code version
3.004005
https://bugzilla.redhat.com/show_bug.cgi?id=1946175
[ 2 ] Bug #1948520 - spamassassin-3.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1948520
--------------------------------------------------------------------------------
================================================================================
vdr-osdteletext-2.0.2-2.fc33 (FEDORA-2021-191f467fc2)
OSD teletext plugin for VDR
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.2-2 - Use correct release tag for 2.0.2 ---- Update to 2.0.2-1
---- Update to 2.0.1-1 ---- Update to 2.0.0-1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.0.2-2
- Use correct release tag for 2.0.2
* Wed Apr 14 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
* Tue Apr 13 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.0.1-1
- Update to 2.0.1
* Mon Apr 12 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 2.0.0-1
- Update to 2.0.0
--------------------------------------------------------------------------------
================================================================================
volume_key-0.3.12-11.fc33 (FEDORA-2021-6b22d88692)
An utility for manipulating storage encryption keys and passphrases
--------------------------------------------------------------------------------
Update Information:
Backport rawhide changes (resource leaks fix) to Fedora 3{4,3,2}.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 31 2021 Jiri Kucera <jkucera(a)redhat.com> - 0.3.12-11
- Fix resource leaks
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.12-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
xorg-x11-server-1.20.11-1.fc33 (FEDORA-2021-139f3fc21c)
X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:
xserver 1.20.11 Security fix for CVE-2021-3472 / ZDI-CAN-1259
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Olivier Fourdan <ofourdan(a)redhat.com> - 1.20.11-1
- xserver 1.20.11 (CVE-2021-3472 / ZDI-CAN-1259)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1944167 - CVE-2021-3472 xorg-x11-server: XChangeFeedbackControl integer
underflow leads to privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
--------------------------------------------------------------------------------
================================================================================
xorgxrdp-0.2.15-3.fc33 (FEDORA-2021-3c8b58bfd0)
Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:
Rebuild against xorg-x11-server 1.20.11.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 14 2021 Bojan Smojver <bojan(a)rexursive.com> - 0.2.15-2
- Rebuild against xorg-x11-server 1.20.11
* Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.15-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------