The following Fedora 29 Security updates need testing:
Age URL
262
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa5843e0e1
asterisk-16.2.1-1.fc29
248
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c84f291592
WALinuxAgent-2.2.38-1.fc29
243
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7528388823
chicken-5.0.0-2.fc29
203
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9839aded3f
python-gnupg-0.4.4-1.fc29
199
https://bodhi.fedoraproject.org/updates/FEDORA-2019-35cb5a4785
kubernetes-1.13.5-1.fc29
137
https://bodhi.fedoraproject.org/updates/FEDORA-2019-32f7cd9b66
dosbox-0.74.3-2.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-bf8b97d604 koji-1.19.1-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-1a16af2158
thunderbird-68.2.2-1.fc29
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a931c8eec
oniguruma-6.9.1-3.fc29
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-941d57ed72
thunderbird-enigmail-2.1.3-4.fc29
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-52445dce42
rubygem-rubyzip-1.1.7-10.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6dd4da1ba5
chromium-78.0.3904.97-1.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7debdd1807
ghostscript-9.27-2.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c5628ced32
libidn2-2.3.0-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-28d3cd20c0
mingw-libidn2-2.3.0-1.fc29
The following Fedora 29 Critical Path updates have yet to be approved:
Age URL
174
https://bodhi.fedoraproject.org/updates/FEDORA-2019-06a2d1c7fb
anaconda-29.24.7-3.fc29
172
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4cefd3161a
nfs-utils-2.3.3-4.rc2.fc29
146
https://bodhi.fedoraproject.org/updates/FEDORA-2019-583d9d5a56
mutter-3.30.2-3.fc29
132
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6f13c38d0d
python-urllib3-1.24.3-2.fc29
129
https://bodhi.fedoraproject.org/updates/FEDORA-2019-62e681b68b ipset-7.2-1.fc29
24
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3bdedf56fb sssd-2.2.2-3.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-bf8b97d604 koji-1.19.1-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-46ca6c1f90
libosinfo-1.2.0-9.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5caa3975e6
osinfo-db-20191108-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-1a16af2158
thunderbird-68.2.2-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c974c4e2a satyr-0.29-2.fc29
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8d7fa47fd5
python-pip-18.1-2.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-14dc54e0d6
firefox-70.0.1-4.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c5628ced32
libidn2-2.3.0-1.fc29
The following builds have been pushed to Fedora 29 updates-testing
libarchive-3.3.3-7.fc29
microcode_ctl-2.1-34.fc29
nordugrid-arc-nagios-plugins-2.0.0-1.fc29
pcre2-10.33-16.fc29
perl-DateTime-TimeZone-2.38-1.fc29
python-pycryptodomex-3.9.3-1.fc29
vdr-epg2vdr-1.1.101-2.fc29
whois-5.5.3-1.fc29
Details about builds:
================================================================================
libarchive-3.3.3-7.fc29 (FEDORA-2019-fd2a963f4b)
A library for handling streaming archive formats
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2019-18408 RAR reader: fix use after free If
read_data_compressed() returns ARCHIVE_FAILED, the caller is allowed to continue
with next archive headers. We need to set rar->start_new_table after the
ppmd7_context got freed, otherwise it won't be allocated again.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Ondrej Dubaj <odubaj(a)redhat.com> - 3.3.3-7
- fixed use after free in rar (#1769980)
- fixed zstd test
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1769980 - CVE-2019-18408 libarchive: use-after-free in
archive_read_format_rar_read_data in archive_read_support_format_rar.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1769980
--------------------------------------------------------------------------------
================================================================================
microcode_ctl-2.1-34.fc29 (FEDORA-2019-a9b7178716)
Tool to transform and deploy CPU microcode update for x86
--------------------------------------------------------------------------------
Update Information:
Update to upstream 2.1-25. 20191115
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Anton Arapov <aarapov(a)redhat.com> 2:2.1-34
- Update to upstream 2.1-25. 20191115
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-nagios-plugins-2.0.0-1.fc29 (FEDORA-2019-622dd87580)
Nagios plugins for ARC
--------------------------------------------------------------------------------
Update Information:
* ARC nagios plugins 2.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 2.0.0-1
- Version 2.0.0
* Thu Oct 3 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 2.0.0~rc2-1
- Version 2.0.0 rc2
- This version uses python 3
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.1-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Tue Mar 12 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.9.1-9
- Update sphinx BR
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.1-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Nov 22 2018 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1.9.1-7
- Fix python shebangs
--------------------------------------------------------------------------------
================================================================================
pcre2-10.33-16.fc29 (FEDORA-2019-f0e074754a)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes an mismatch if the first character in a caseless pattern was
in an assertion, was non-ASCII, its other case started with a different code
unit and optimizations were enabled.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Petr Pisar <ppisar(a)redhat.com> - 10.33-16
- Fix optimized caseless matching of non-ASCII characters in assertions
(upstream bug #2466)
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-TimeZone-2.38-1.fc29 (FEDORA-2019-fe25c0f06c)
Time zone object base class and factory
--------------------------------------------------------------------------------
Update Information:
Updated to the latest version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Jitka Plesnikova <jplesnik(a)redhat.com> - 2.38-1
- 2.38 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1773104 - perl-DateTime-TimeZone-2.38 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1773104
--------------------------------------------------------------------------------
================================================================================
python-pycryptodomex-3.9.3-1.fc29 (FEDORA-2019-66a29699d9)
A self-contained cryptographic library for Python
--------------------------------------------------------------------------------
Update Information:
#3.9.3 (12 November 2019) Resolved issues --------------- * GH#308: Align stack
of functions using SSE2 intrinsics to avoid crashes, when compiled with gcc on
32-bit x86 platforms. #3.9.2 (10 November 2019) New features ------------ *
Add Python 3.8 wheels for Mac. Resolved issues --------------- * GH#308: Avoid
allocating arrays of ``__m128i`` on the stack, to cope with buggy compilers. *
GH#322: Remove blanket ``-O3`` optimization for gcc and clang, to cope with
buggy compilers. * GH#337: Fix typing stubs for signatures. * GH#338: Deal with
gcc installations that don't have ``x86intrin.h``. #3.9.1 (1 November 2019)
New features ------------ * Add Python 3.8 wheels for Linux and Windows.
Resolved issues --------------- * GH#328: minor speed-up when importing RSA.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 15 2019 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 3.9.3-1
- Update to 3.9.3
* Fri Nov 15 2019 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 3.9.2-1
- Update to 3.9.2
- Spec cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1768052 - python-pycryptodomex-3.9.3x is available
https://bugzilla.redhat.com/show_bug.cgi?id=1768052
--------------------------------------------------------------------------------
================================================================================
vdr-epg2vdr-1.1.101-2.fc29 (FEDORA-2019-f17f2c877d)
A plugin to retrieve EPG data from a mysql database into VDR
--------------------------------------------------------------------------------
Update Information:
- Add %%{name}-py38.patch
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 1.1.101-2
- Add %{name}-py38.patch
--------------------------------------------------------------------------------
================================================================================
whois-5.5.3-1.fc29 (FEDORA-2019-073e8e9932)
Improved WHOIS client
--------------------------------------------------------------------------------
Update Information:
This release adds a record for a new 2630:0000::/12 network and for a new cpa.
TLD. It also updates a record for xxx. TLD.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 18 2019 Petr Pisar <ppisar(a)redhat.com> - 5.5.3-1
- 5.5.3 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1773405 - whois-5.5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1773405
--------------------------------------------------------------------------------