The following Fedora 31 Security updates need testing:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ed9487876d upx-3.95-5.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd79b615cd
mingw-podofo-0.9.6-13.fc31 podofo-0.9.6-9.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ab8553f302
mingw-openjpeg2-2.3.1-5.fc31 openjpeg2-2.3.1-4.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-df444e464e
python-pillow-6.2.2-1.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-f3e0ba2f79
python-reportlab-3.5.34-2.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-3eef0246a7
links-2.20.2-1.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-caf7f7d0d9
ansible-2.9.3-1.fc31
The following Fedora 31 Critical Path updates have yet to be approved:
Age URL
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-95abadb310
grub2-2.02-105.fc31
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e4a8ad0d12
tigervnc-1.10.1-2.fc31
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-913d180f31 mdadm-4.1-1.fc31
7
https://bodhi.fedoraproject.org/updates/FEDORA-2020-eedddf479e
glusterfs-7.2-1.fc31
7
https://bodhi.fedoraproject.org/updates/FEDORA-2020-344379f4d8
langtable-0.0.51-1.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ab8553f302
mingw-openjpeg2-2.3.1-5.fc31 openjpeg2-2.3.1-4.fc31
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-dc34b002e3
xfce4-panel-4.14.3-1.fc31 xfce4-panel-profiles-1.0.10-2.fc31 xfce4-session-4.14.1-1.fc31
xfce4-settings-4.14.2-1.fc31 xfdesktop-4.14.2-1.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-33c26287fc
breeze-icon-theme-5.66.0-1.fc31 extra-cmake-modules-5.66.0-1.fc31 kf5-5.66.0-1.fc31
kf5-attica-5.66.0-2.fc31 kf5-baloo-5.66.0-1.fc31 kf5-bluez-qt-5.66.0-1.fc31
kf5-frameworkintegration-5.66.0-1.fc31 kf5-kactivities-5.66.0-1.fc31
kf5-kactivities-stats-5.66.0-1.fc31 kf5-kapidox-5.66.0-1.fc31 kf5-karchive-5.66.0-1.fc31
kf5-kauth-5.66.0-1.fc31 kf5-kbookmarks-5.66.0-1.fc31 kf5-kcmutils-5.66.0-1.fc31
kf5-kcodecs-5.66.0-1.fc31 kf5-kcompletion-5.66.0-1.fc31 kf5-kconfig-5.66.0-1.fc31
kf5-kconfigwidgets-5.66.0-1.fc31 kf5-kcoreaddons-5.66.0-1.fc31 kf5-kcrash-5.66.0-1.fc31
kf5-kdbusaddons-5.66.0-1.fc31 kf5-kdeclarative-5.66.0-1.fc31 kf5-kded-5.66.0-1.fc31
kf5-kdelibs4support-5.66.0-1.fc31 kf5-kdesignerplugin-5.66.0-1.fc31
kf5-kdesu-5.66.0-1.fc31 kf5-kdewebkit-5.66.0-1.fc31 kf5-kdnssd-5.66.0-1.fc31
kf5-kdoctools-5.66.0-1.fc31 kf5-kemoticons-5.66.0-1.fc31 kf5-kfilemetadata-5.66.0-2.fc31
kf5-kglobalaccel-5.66.0-1.fc31 kf5-kguiad
dons-5.66.0-1.fc31 kf5-kholidays-5.66.0-1.fc31 kf5-khtml-5.66.0-1.fc31
kf5-ki18n-5.66.0-1.fc31 kf5-kiconthemes-5.66.0-1.fc31 kf5-kidletime-5.66.0-1.fc31
kf5-kimageformats-5.66.0-1.fc31 kf5-kinit-5.66.0-1.fc31 kf5-kio-5.66.0-1.fc31
kf5-kirigami2-5.66.0-1.fc31 kf5-kitemmodels-5.66.0-1.fc31 kf5-kitemviews-5.66.0-1.fc31
kf5-kjobwidgets-5.66.0-1.fc31 kf5-kjs-5.66.0-1.fc31 kf5-kjsembed-5.66.0-1.fc31
kf5-kmediaplayer-5.66.0-1.fc31 kf5-knewstuff-5.66.0-1.fc31
kf5-knotifications-5.66.0-1.fc31 kf5-knotifyconfig-5.66.0-1.fc31
kf5-kpackage-5.66.0-1.fc31 kf5-kparts-5.66.0-1.fc31 kf5-kpeople-5.66.0-1.fc31
kf5-kplotting-5.66.0-1.fc31 kf5-kpty-5.66.0-1.fc31 kf5-kross-5.66.0-1.fc31
kf5-krunner-5.66.0-1.fc31 kf5-kservice-5.66.0-1.fc31 kf5-ktexteditor-5.66.0-1.fc31
kf5-ktextwidgets-5.66.0-1.fc31 kf5-kunitconversion-5.66.0-1.fc31 kf5-kwallet-5.66.0-1.fc31
kf5-kwayland-5.66.0-1.fc31 kf5-kwidgetsaddons-5.66.0-1.fc31
kf5-kwindowsystem-5.66.0-1.fc31 kf5-kxmlgui-5.66.0-1.fc31 kf5-kxmlrpcclient-5.66.0-1.fc31
kf5-modemmanager-qt-5.66.0-1.fc31 kf5-networkmanager-qt-5.66.0-1.fc31
kf5-plasma-5.66.0-1.fc31 kf5-prison-5.66.0-1.fc31 kf5-purpose-5.66.0-1.fc31
kf5-solid-5.66.0-1.fc31 kf5-sonnet-5.66.0-1.fc31 kf5-syndication-5.66.0-1.fc31
kf5-syntax-highlighting-5.66.0-1.fc31 kf5-threadweaver-5.66.0-1.fc31
oxygen-icon-theme-5.66.0-1.fc31 qqc2-desktop-style-5.66.0-1.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-9260be5a56 koji-1.20.0-1.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ddb8870ef6
perl-Exporter-5.74-1.fc31
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-2bbec59830
kdelibs-4.14.38-17.fc31
The following builds have been pushed to Fedora 31 updates-testing
SLOF-0.1.git20191022-1.fc31
abrt-server-info-page-1.8-1.fc31
alsa-firmware-1.2.1-5.fc31
ansifilter-2.15-1.fc31
cataclysm-dda-0.D.10229-1.20200121git0696252.fc31
debbuild-19.11.0-1.fc31
ephemeral-6.1.1-1.fc31
fail2ban-0.10.5-2.fc31
gamehub-0.15.0.1-1.fc31
gdb-8.3.50.20190824-27.fc31
git-filter-repo-2.25.0-2.fc31
gnucash-3.8-1.fc31
gnucash-docs-3.8-1.fc31
hub-2.14.0-1.fc31
java-latest-openjdk-13.0.2.8-1.rolling.fc31
jtc-1.75d-1.fc31
kernel-5.4.13-201.fc31
libeconf-0.3.4-1.fc31
libmongocrypt-1.0.1-2.fc31
lksctp-tools-1.0.18-3.fc31
minuet-19.12.1-1.fc31
munin-2.0.54-1.fc31
packit-0.8.1-1.fc31
perl-CPAN-Perl-Releases-5.20200120-1.fc31
perl-ExtUtils-CBuilder-0.280234-1.fc31
perl-Module-CoreList-5.20200120-1.fc31
perl-PPIx-Regexp-0.068-1.fc31
php-7.3.14-1.fc31
python-astroplan-0.6-1.fc31
python-django-configurations-2.2-2.fc31
python-gmqtt-0.5.4-1.fc31
python-identify-1.4.10-1.fc31
python-ipdb-0.12.3-1.fc31
python-play-scraper-0.6.0-2.fc31
python-rtmidi-1.3.1-1.fc31
python-siosocks-0.1.0-2.fc31
samba-4.11.5-0.fc31
vimiv-qt-0.5.0-2.fc31
yacreader-9.6.2-1.fc31
Details about builds:
================================================================================
SLOF-0.1.git20191022-1.fc31 (FEDORA-2020-cf8a0689a8)
Slimline Open Firmware
--------------------------------------------------------------------------------
Update Information:
* Update to SLOF 20191022 for qemu-4.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 12 2019 Cole Robinson <aintdiscole(a)gmail.com> - 0.1.git20191022-1
- Update to SLOF 20191022 for qemu-4.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1790436 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1790436
--------------------------------------------------------------------------------
================================================================================
abrt-server-info-page-1.8-1.fc31 (FEDORA-2020-854ef48947)
Web page with summary of ABRT services
--------------------------------------------------------------------------------
Update Information:
Upstream release 1.8.1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Martin Kutlak <mkutlak(a)redhat.com> 1.8-1
- New upstream release 1.8.1
- FAF rename to ABRT Analytics
--------------------------------------------------------------------------------
================================================================================
alsa-firmware-1.2.1-5.fc31 (FEDORA-2020-18cc548263)
Firmware for several ALSA-supported sound cards
--------------------------------------------------------------------------------
Update Information:
Updated the Sound Open Firmware (SOF) to v1.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Jaroslav Kysela <perex(a)perex.cz> - 1.2.1-5
- Updated Intel SOF firmware files to 1.4.2
--------------------------------------------------------------------------------
================================================================================
ansifilter-2.15-1.fc31 (FEDORA-2020-2e77d20e7a)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
- Update to 2.15 fixes rhbz#1771191
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 20 2020 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.15-1
- Update to 2.15 fixes rhbz#1771191
--------------------------------------------------------------------------------
================================================================================
cataclysm-dda-0.D.10229-1.20200121git0696252.fc31 (FEDORA-2020-9add114d87)
Turn-based survival game set in a post-apocalyptic world
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> -
0.D.10229-1.20200121git0696252
- Update to 10229
--------------------------------------------------------------------------------
================================================================================
debbuild-19.11.0-1.fc31 (FEDORA-2020-630be40ecc)
Build Debian-compatible .deb packages from RPM .spec files
--------------------------------------------------------------------------------
Update Information:
Rebased to version 19.11.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Neal Gompa <ngompa13(a)gmail.com> - 19.11.0-1
- Rebase to 19.11.0
- Update spec based on upstream spec
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1609487 - debbuild-19.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1609487
--------------------------------------------------------------------------------
================================================================================
ephemeral-6.1.1-1.fc31 (FEDORA-2020-5d0b7b6962)
Private-by-default, always-incognito browser
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 6.1.1-1
- Update to 6.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1763002 - ephemeral-6.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1763002
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.10.5-2.fc31 (FEDORA-2020-96a2030c7d)
Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:
Move action.d/mail-whois-common.conf into fail2ban-server ---- ver. 0.10.5
(2020/01/10) - deserve-more-respect-a-jedis-weapon-must ----------- Yes,
Hrrrm... ### Fixes * [compatibility] systemd backend: default flags changed to
SYSTEM_ONLY(4), fixed in gh-2444 in order to ignore user session files per
default, so could prevent "Too many open files" errors on a lot of user
sessions
(see gh-2392) * [grave] fixed parsing of multi-line filters (`maxlines` > 1)
together with systemd backend, now systemd-filter replaces newlines in message
from systemd journal with `\n` (otherwise multi-line parsing may be broken,
because removal of matched string from multi-line buffer window is confused by
such extra new-lines, so they are retained and got matched on every followed
message, see gh-2431) * [stability] prevent race condition - no unban if the
bans occur continuously (gh-2410); now an unban-check will happen not later
than 10 tickets get banned regardless there are still active bans available
(precedence of ban over unban-check is 10 now) * fixed read of included config-
files (`.local` overwrites options of `.conf` for config-files included with
before/after) * `action.d/abuseipdb.conf`: switched to use AbuseIPDB API v2
(gh-2302) * `action.d/badips.py`: fixed start of banaction on demand (which may
be IP-family related), gh-2390 * `action.d/helpers-common.conf`: rewritten grep
arguments, now options `-wF` used to match only whole words and fixed string
(not as pattern), gh-2298 * `filter.d/apache-auth.conf`: - ignore errors from
mod_evasive in `normal` mode (mode-controlled now) (gh-2548); - extended with
option `mode` - `normal` (default) and `aggressive` * `filter.d/sshd.conf`: -
matches `Bad protocol version identification` in `ddos` and `aggressive` modes
(gh-2404). - captures `Disconnecting ...: Change of username or service not
allowed` (gh-2239, gh-2279) - captures `Disconnected from ... [preauth]`,
preauth phase only, different handling by `extra` (with supplied user only)
and `ddos`/`aggressive` mode (gh-2115, gh-2239, gh-2279) * `filter.d/mysqld-
auth.conf`: - MYSQL 8.0.13 compatibility (log-error-verbosity = 3), log-
format contains few additional words enclosed in brackets after "[Note]"
(gh-2314) * `filter.d/sendmail-reject.conf`: - `mode=extra` now captures port
IDs of `TLSMTA` and `MSA` (defaults for ports 465 and 587 on some distros) *
`files/fail2ban.service.in`: fixed systemd-unit template - missing nftables
dependency (gh-2313) * several `action.d/mail*`: fixed usage with multiple log
files (ultimate fix for gh-976, gh-2341) * `filter.d/sendmail-reject.conf`:
fixed journal usage for some systems (e. g. CentOS): if only identifier set
to `sm-mta` (no unit `sendmail`) for some messages (gh-2385) *
`filter.d/asterisk.conf`: asterisk can log additional timestamp if logs into
systemd-journal (regex extended with optional part matching this, gh-2383) *
`filter.d/postfix.conf`: - regexp's accept variable suffix code in status of
postfix for precise messages (gh-2442) - extended with new postfix filter
mode `errors` to match "too many errors" (gh-2439), also included within
modes `normal`, `more` (`extra` and `aggressive`), since postfix parameter
`smtpd_hard_error_limit` is default 20 (additionally consider `maxretry`) *
`filter.d/named-refused.conf`: - support BIND 9.11.0 log format (includes an
additional field @0xXXX..., gh-2406); - `prefregex` extended, more selective
now (denied/NOTAUTH suffix moved from failregex, so no catch-all there anymore)
* `filter.d/sendmail-auth.conf`, `filter.d/sendmail-reject.conf` : - ID in
prefix can be longer as 14 characters (gh-2563); * all filters would accept
square brackets around IPv4 addresses also (e. g. monit-filter, gh-2494) *
avoids unhandled exception during flush (gh-2588) * fixes pass2allow-ftp jail -
due to inverted handling, action should prohibit access per default for any IP,
therefore reset start on demand parameter for this action (it will be started
immediately by repair); * auto-detection of IPv6 subsystem availability
(important for not on-demand actions or jails, like pass2allow); ### New
Features * new replacement tags for failregex to match subnets in form of IP-
addresses with CIDR mask (gh-2559): - `<CIDR>` - helper regex to match CIDR
(simple integer form of net-mask); - `<SUBNET>` - regex to match sub-net
adresses (in form of IP/CIDR, also single IP is matched, so part /CIDR is
optional); * grouped tags (`<ADDR>`, `<HOST>`, `<SUBNET>`) recognize IP
addresses enclosed in square brackets * new failregex-flag tag `<F-MLFGAINED>`
for failregex, signaled that the access to service was gained (ATM used
similar to tag `<F-NOFAIL>`, but it does not add the log-line to matches,
gh-2279) * filters: introduced new configuration parameter `logtype` (default
`file` for file-backends, and `journal` for journal-backends, gh-2387); can
be also set to `rfc5424` to force filters (which include common.conf) to use
RFC 5424 conform prefix-line per default (gh-2467); * for better performance and
safety the option `logtype` can be also used to select short prefix-line for
file-backends too for all filters using `__prefix_line` (`common.conf`), if
message logged only with `hostname svc[nnnn]` prefix (often the case on several
systems): ```ini [jail] backend = auto filter = flt[logtype=short] ``` *
`filter.d/common.conf`: differentiate `__prefix_line` for file/journal logtype's
(speedup and fix parsing of systemd-journal); * `filter.d/traefik-auth.conf`:
used to ban hosts, that were failed through traefik * `filter.d/znc-
adminlog.conf`: new filter for ZNC (IRC bouncer); requires the adminlog module
to be loaded ### Enhancements * introduced new options: `dbmaxmatches`
(fail2ban.conf) and `maxmatches` (jail.conf) to contol how many matches per
ticket fail2ban can hold in memory and store in database (gh-2402, gh-2118); *
fail2ban.conf: introduced new section `[Thread]` and option `stacksize` to
configure default size of the stack for threads running in fail2ban (gh-2356),
it could be set in `fail2ban.local` to avoid runtime error "can't start new
thread" (see gh-969); * jail-reader extended (amend to gh-1622): actions support
multi-line options now (interpolations containing new-line); * fail2ban-
client: extended to ban/unban multiple tickets (see gh-2351, gh-2349); Syntax:
- `fail2ban-client set <jain> banip <ip1> ... <ipN>` -
`fail2ban-client set
<jain> unbanip [--report-absent] <ip1> ... <ipN>` * fail2ban-client:
extended
with new feature which allows to inform fail2ban about single or multiple
attempts (failure) for IP (resp. failure-ID), see gh-2351; Syntax: -
`fail2ban-client set <jail> attempt <ip> [<failure-message1> ...
<failure-
messageN>]` * `action.d/nftables.conf`: - isolate fail2ban rules into a
dedicated table and chain (gh-2254) - `nftables-allports` supports multiple
protocols in single rule now - combined nftables actions to single action
`nftables`: * `nftables-common` is removed (replaced with single action
`nftables` now) * `nftables-allports` is obsolete, superseded by
`nftables[type=allports]` * `nftables-multiport` is obsolete, superseded by
`nftables[type=multiport]` - allowed multiple protocols in
`nftables[type=multiport]` action (single set with multiple rules in chain),
following configuration in jail would replace 3 separate actions, see
https://github.com/fail2ban/fail2ban/pull/2254#issuecomment-534684675 *
`action.d/badips.py`: option `loglevel` extended with level of summary message,
following example configuration logging summary with NOTICE and rest with DEBUG
log-levels: `action = badips.py[loglevel="debug, notice"]` *
samplestestcase.py (testSampleRegexsFactory) extended: - allow coverage of
journal logtype; - new option `fileOptions` to set common filter/test options
for whole test-file; * large enhancement: auto-reban, improved invariant check
and conditional operations (gh-2588): - improves invariant check and repair
(avoid unhandled exception, consider family on conditional operations, etc),
prepared for bulk re-ban in repair case (if bulk-ban becomes implemented); -
automatic reban (repeat banning action) after repair/restore sane environment,
if already logged ticket causes new failures (via new action operation
`actionreban` or `actionban` if still not defined in action); * introduces
banning epoch for actions and tickets (to distinguish or recognize removed set
of the tickets); * invariant check avoids repair by unban/stop (unless
parameter `actionrepair_on_unban` set to `true`); * better handling for all
conditional operations (distinguish families for certain operations like
repair/flush/stop, prepared for other families, e. g. if different handling for
subnets expected, etc); * partially implements gh-980 (more breakdown safe
handling); * closes gh-1680 (better as large-scale banning implementation with
on-demand reban by failure, at least unless a bulk-ban gets implemented); *
fail2ban-regex - several enhancements and fixes: - improved usage output
(don't put a long help if an error occurs); - new option `--no-check-all` to
avoid check of all regex's (first matched only); - new option `-o`, `--out` to
set token only provided in output (disables check-all and outputs only expected
data).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Orion Poplawski <orion(a)nwra.com> - 0.10.5-2
- Move action.d/mail-whois-common.conf into fail2ban-server
* Tue Jan 14 2020 Orion Poplawski <orion(a)nwra.com> - 0.10.5-1
- Update to 0.10.5
--------------------------------------------------------------------------------
================================================================================
gamehub-0.15.0.1-1.fc31 (FEDORA-2020-90bb429e59)
All your games in one place
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.15.0.1-1
- Update to 0.15.0-1-master
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1761674 - gamehub-0.14.2-37-dev is available
https://bugzilla.redhat.com/show_bug.cgi?id=1761674
--------------------------------------------------------------------------------
================================================================================
gdb-8.3.50.20190824-27.fc31 (FEDORA-2020-992574ec53)
A stub package for GNU source-level debugger
--------------------------------------------------------------------------------
Update Information:
Re-enable guile support
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 14 2020 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> -
8.3.50.20190824-27
- Re-enable guile support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793606 - Reenable guile support
https://bugzilla.redhat.com/show_bug.cgi?id=1793606
--------------------------------------------------------------------------------
================================================================================
git-filter-repo-2.25.0-2.fc31 (FEDORA-2020-0a9faa48e0)
Quickly rewrite git repository history (git-filter-branch replacement)
--------------------------------------------------------------------------------
Update Information:
Update to version 2.25.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Andreas Schneider <asn(a)redhat.com> - 2.25.0-1
- Update to version 2.25.0
- Fix installation to python3 sitelib
--------------------------------------------------------------------------------
================================================================================
gnucash-3.8-1.fc31 (FEDORA-2020-0ba2e843ca)
Finance management application
--------------------------------------------------------------------------------
Update Information:
This updates GnuCash to the latest upstream release, 3.8. For information on
what's fixed in this release, see the upstream release notes at
https://www.gnucash.org/news.phtml#n-191229-3.8.news
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Kalev Lember <klember(a)redhat.com> - 3.8-1
- Update to 3.8
* Fri Jan 17 2020 Jeff Law <law(a)redhat.com> - 3.7-3
- Rename one instance of struct _iterate to struct __iterate to
avoid ODR problems with LTO
* Fri Nov 1 2019 Pete Walter <pwalter(a)fedoraproject.org> - 3.7-2
- Rebuild for ICU 65
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1786888 - gnucash-3.8b is available
https://bugzilla.redhat.com/show_bug.cgi?id=1786888
--------------------------------------------------------------------------------
================================================================================
gnucash-docs-3.8-1.fc31 (FEDORA-2020-0ba2e843ca)
Help files and documentation for the GnuCash personal finance manager
--------------------------------------------------------------------------------
Update Information:
This updates GnuCash to the latest upstream release, 3.8. For information on
what's fixed in this release, see the upstream release notes at
https://www.gnucash.org/news.phtml#n-191229-3.8.news
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Kalev Lember <klember(a)redhat.com> - 3.8-1
- Update to 3.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1786888 - gnucash-3.8b is available
https://bugzilla.redhat.com/show_bug.cgi?id=1786888
--------------------------------------------------------------------------------
================================================================================
hub-2.14.0-1.fc31 (FEDORA-2020-721f4bde69)
Command-line tool that makes git easier to use with GitHub
--------------------------------------------------------------------------------
Update Information:
Update to 2.14.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Stephen Gallagher <sgallagh(a)redhat.com> - 2.14.0-1
- Update to 2.14.0
* Wed Nov 6 2019 Stephen Gallagher <sgallagh(a)redhat.com> - 2.13.0-1
- Update to 2.13.0
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-13.0.2.8-1.rolling.fc31 (FEDORA-2020-2ed6716c30)
OpenJDK Runtime Environment 13
--------------------------------------------------------------------------------
Update Information:
This is January 2020 OpenJDK security update for java-latest-openjdk packages.
The sources are updated to the 13.0.2+8 tag.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 17 2020 Petra Alice Mikova <pmikova(a)redhat.com> - 1:13.0.2.8-1.rolling
- removed patch jdk8231405_guarantee_d_nonequals_null_failed_null_dominator_info.patch
- removed patch
jdk8231583_fix_register_clash_in_sbsa_resolve_forwarding_pointer_borrowing.patch
- updated sources to the 13.0.2+8 tag
--------------------------------------------------------------------------------
================================================================================
jtc-1.75d-1.fc31 (FEDORA-2020-fecd364c9b)
JSON processing utility
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.75d
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 1.75d-1
- New upstream release 1.75d
--------------------------------------------------------------------------------
================================================================================
kernel-5.4.13-201.fc31 (FEDORA-2020-aa144b34ed)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to Linux v5.4.13
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Jeremy Cline <jcline(a)redhat.com> - 5.4.13-201
- Re-add the Intel ASoC Sound Open Firmware driver support
* Mon Jan 20 2020 Jeremy Cline <jcline(a)redhat.com> - 5.4.13-200
- Linux v5.4.13
--------------------------------------------------------------------------------
================================================================================
libeconf-0.3.4-1.fc31 (FEDORA-2020-7188ec27f2)
Enhanced config file parser library
--------------------------------------------------------------------------------
Update Information:
- Fix parsing of quoted strings, and values starting with delimiters - Fix
buffer overflow in `econf_readDirs`
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Neal Gompa <ngompa13(a)gmail.com> - 0.3.4-1
- Update to 0.3.4 (RH#1793599)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793599 - libeconf-0.3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1793599
--------------------------------------------------------------------------------
================================================================================
libmongocrypt-1.0.1-2.fc31 (FEDORA-2020-eff246288a)
The companion C library for client side encryption in drivers
--------------------------------------------------------------------------------
Update Information:
The companion C library for client side encryption in drivers.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 18 2020 Remi Collet <remi(a)remirepo.net> - 1.0.1-2
- modernize spec from review #1792224
- add generated html documentation
* Fri Jan 17 2020 Remi Collet <remi(a)remirepo.net> - 1.0.1-1
- initial package
- fix installation layout using patch from
https://github.com/mongodb/libmongocrypt/pull/87
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1792224 - Review Request: libmongocrypt - The companion C library for client
side encryption in drivers
https://bugzilla.redhat.com/show_bug.cgi?id=1792224
--------------------------------------------------------------------------------
================================================================================
lksctp-tools-1.0.18-3.fc31 (FEDORA-2020-3f14ef5a84)
User-space access to Linux Kernel SCTP
--------------------------------------------------------------------------------
Update Information:
update to lksctp-tools-1.0.18-3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 18 2019 Vit Mojzis <vmojzis(a)redhat.com> - 1.0.18-3
- Added a patch to fix netinet/sctp.h not to be installed.
- Added some fixes for kernel feature detection.
- Updated to 1.0.18. [1568622]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1764568 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1764568
--------------------------------------------------------------------------------
================================================================================
minuet-19.12.1-1.fc31 (FEDORA-2020-c32347f1e6)
A KDE Software for Music Education
--------------------------------------------------------------------------------
Update Information:
Update to 19.12.1.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 20 2020 Vasiliy N. Glazov <vascom2(a)gmail.com> - 19.12.1-1
- Update to 19.12.1
--------------------------------------------------------------------------------
================================================================================
munin-2.0.54-1.fc31 (FEDORA-2020-8ffa92df6d)
Network-wide resource monitoring tool
--------------------------------------------------------------------------------
Update Information:
Upstream update to 2.0.54. Also uses systemd hardening options for munin-node
and munin-asyncd.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Kim B. Heino <b(a)bbbs.net> - 2.0.54-1
- Upgrade to 2.0.54
- Improve df's ignore list
- Use systemd hardening options for node and asyncd
--------------------------------------------------------------------------------
================================================================================
packit-0.8.1-1.fc31 (FEDORA-2020-53e7b86b2b)
A tool for integrating upstream projects with Fedora operating system
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 20 2020 Jiri Popelka <jpopelka(a)redhat.com> - 0.8.1-1
- new upstream release: 0.8.1
* Wed Jan 15 2020 Dominika Hodovska <dhodovsk(a)redhat.com> - 0.8.0-1
- new upstream release: 0.8.0
--------------------------------------------------------------------------------
================================================================================
perl-CPAN-Perl-Releases-5.20200120-1.fc31 (FEDORA-2020-2d1d01a32a)
Mapping Perl releases on CPAN to the location of the tarballs
--------------------------------------------------------------------------------
Update Information:
Updated to the latest version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Jitka Plesnikova <jplesnik(a)redhat.com> - 5.20200120-1
- 5.20200120 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793152 - perl-CPAN-Perl-Releases-5.20200120 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1793152
--------------------------------------------------------------------------------
================================================================================
perl-ExtUtils-CBuilder-0.280234-1.fc31 (FEDORA-2020-cb999ef990)
Compile and link C code for Perl modules
--------------------------------------------------------------------------------
Update Information:
This release improves a documentation and the tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Petr Pisar <ppisar(a)redhat.com> - 1:0.280234-1
- 0.280234 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793459 - perl-ExtUtils-CBuilder-0.280234 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1793459
--------------------------------------------------------------------------------
================================================================================
perl-Module-CoreList-5.20200120-1.fc31 (FEDORA-2020-ebb35aefc3)
What modules are shipped with versions of perl
--------------------------------------------------------------------------------
Update Information:
This Release brings data about Perl 5.31.8.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Petr Pisar <ppisar(a)redhat.com> - 1:5.20200120-1
- 5.20200120 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793146 - perl-Module-CoreList-5.20200120 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1793146
--------------------------------------------------------------------------------
================================================================================
perl-PPIx-Regexp-0.068-1.fc31 (FEDORA-2020-c76e5a5f53)
Represent a regular expression of some sort
--------------------------------------------------------------------------------
Update Information:
This release adds PPIx::Regexp::Util::is_ppi_regexp_element() and explain() on
[[=x=]] now calls it a Character Equivalence.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Petr Pisar <ppisar(a)redhat.com> - 0.068-1
- 0.068 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1793586 - perl-PPIx-Regexp-0.068 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1793586
--------------------------------------------------------------------------------
================================================================================
php-7.3.14-1.fc31 (FEDORA-2020-dca9810fd2)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
**PHP version 7.3.14** (23 Jan 2020) **Core** * Fixed bug php#78999 (Cycle
leak when using function result as temporary). (Dmitry) **CURL:** * Fixed bug
php#79033 (Curl timeout error with specific url and post). (cmb) **Date:** *
Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) **DBA:** * Fixed
bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb)
**Fileinfo:** * Fixed bug php#74170 (locale information change after
mime_content_type). (Sergei Turchanov) **GD:** * Fixed bug php#78923
(Artifacts when convoluting image with transparency). (wilson chen) * Fixed bug
php#79067 (gdTransformAffineCopy() may use unitialized values). (cmb) * Fixed
bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb)
**Libxml:** * Fixed bug php#79029 (Use After Free's in XMLReader / XMLWriter).
(Laruence) **Mbstring:** * Fixed bug php#79037 (global buffer-overflow in
`mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita) **OPcache:** * Fixed
bug php#79040 (Warning Opcode handlers are unusable due to ASLR). (cmb)
**Pcntl:** * Fixed bug php#78402 (Converting null to string in error message is
bad DX). (SAT�� Kentar��) **PDO_PgSQL:** * Fixed bug php#78983 (pdo_pgsql
config.w32 cannot find libpq-fe.h). (SAT�� Kentar��) * Fixed bug php#78980
(pgsqlGetNotify() overlooks dead connection). (SAT�� Kentar��) * Fixed bug
php#78982 (pdo_pgsql returns dead persistent connection). (SAT�� Kentar��)
**Session:** * Fixed bug php#79091 (heap use-after-free in
session_create_id()). (cmb, Nikita) **Shmop:** * Fixed bug php#78538 (shmop
memory leak). (cmb) **Standard:** * Fixed bug php#79099 (OOB read in
php_strip_tags_ex). (CVE-2020-7059). (cmb) * Fixed bug php#54298 (Using empty
additional_headers adding extraneous CRLF). (cmb)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Remi Collet <remi(a)remirepo.net> - 7.3.14-1
- Update to 7.3.14 -
http://www.php.net/releases/7_3_14.php
* Tue Jan 7 2020 Remi Collet <remi(a)remirepo.net> - 7.3.14~RC1-1
- update to 7.3.14RC1
--------------------------------------------------------------------------------
================================================================================
python-astroplan-0.6-1.fc31 (FEDORA-2020-9ba5b9cbe7)
Python package to help astronomers plan observations
--------------------------------------------------------------------------------
Update Information:
New package python-astroplan, used to to help astronomers plan observations.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 12 2019 Sergio Pascual <sergio.pasra at gmail.com> - 0.6-1
- New release 0.6
* Sat Dec 7 2019 Sergio Pascual <sergio.pasra at gmail.com> - 0.5-2
- Fix project url
- Add check section
* Mon Nov 11 2019 Sergio Pascual <sergio.pasra at gmail.com> - 0.5-1
- Initial spec file
--------------------------------------------------------------------------------
================================================================================
python-django-configurations-2.2-2.fc31 (FEDORA-2020-8e9ea20dce)
A helper for organizing Django settings
--------------------------------------------------------------------------------
Update Information:
Use var for source URL
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 2.2-2
- Use var for source URL
- Better use of wildcards (rhbz#1786875)
* Sat Dec 28 2019 Fabian Affolter <mail(a)fabian-affolter.ch> - 2.2-1
- Initial package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1786875 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1786875
--------------------------------------------------------------------------------
================================================================================
python-gmqtt-0.5.4-1.fc31 (FEDORA-2020-a4406310f5)
Client for the MQTT protocol
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.5.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.5.4-1
- Update to latest upstream release 0.5.4
* Mon Dec 30 2019 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.5.3-1
- Initial package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1790069 - Review Request: python-gmqtt - Client for the MQTT protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1790069
--------------------------------------------------------------------------------
================================================================================
python-identify-1.4.10-1.fc31 (FEDORA-2020-9023f47566)
File identification library for Python
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.4.10-1
- Update to 1.4.10
--------------------------------------------------------------------------------
================================================================================
python-ipdb-0.12.3-1.fc31 (FEDORA-2020-252c81b0bc)
IPython enabled Python debugger
--------------------------------------------------------------------------------
Update Information:
Update to [
0.12.3](https://github.com/gotcha/ipdb/blob/0.12.3/HISTORY.txt).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Randy Barlow <bowlofeggs(a)fedoraproject.org> - 0.12.3-1
- Update to 0.12.3 (#1779136).
-
https://github.com/gotcha/ipdb/blob/0.12.3/HISTORY.txt
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1779136 - python-ipdb-0.12.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1779136
--------------------------------------------------------------------------------
================================================================================
python-play-scraper-0.6.0-2.fc31 (FEDORA-2020-92d4690432)
Scrapes and parses application data from Google Play Store
--------------------------------------------------------------------------------
Update Information:
Disable tests till upstream fix is available
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.6.0-2
- Disable tests till upstream fix is available
- Better use of wildcards (rhbz#1786656)
* Sat Dec 14 2019 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.6.0-1
- Initial package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1786656 - Review Request: python-play-scraper - Scrapes and parses
application data from Google Play Store
https://bugzilla.redhat.com/show_bug.cgi?id=1786656
--------------------------------------------------------------------------------
================================================================================
python-rtmidi-1.3.1-1.fc31 (FEDORA-2020-aebe27ba90)
Python binding for the RtMidi C++ library
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 1.3.1-1
- Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1790108 - Review Request: python-rtmidi - Python binding for the RtMidi C++
library
https://bugzilla.redhat.com/show_bug.cgi?id=1790108
--------------------------------------------------------------------------------
================================================================================
python-siosocks-0.1.0-2.fc31 (FEDORA-2020-71a58c6713)
Sans-io socks proxy client/server with couple io backends
--------------------------------------------------------------------------------
Update Information:
Use var for source URL
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 7 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.1.0-2
- Use var for source URL
- Better use of wildcards (rhbz#1787309)
* Wed Jan 1 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.1.0-1
- Initial package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1787309 - Review Request: python-siosocks - Sans-io socks proxy client/server
with couple io backends
https://bugzilla.redhat.com/show_bug.cgi?id=1787309
--------------------------------------------------------------------------------
================================================================================
samba-4.11.5-0.fc31 (FEDORA-2020-7992b6bf2a)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.11.5 - Security fixes for CVE-2019-14902, CVE-2019-14907 and
CVE-2019-19344
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Guenther Deschner <gdeschner(a)redhat.com> - 4.11.5-0
- Update to Samba 4.11.5
- resolves: #1791201, #1793405 - Security fixes for CVE-2019-14902
- resolves: #1791207, #1793407 - Security fixes for CVE-2019-14907
- resolves: #1791204, #1793406 - Security fixes for CVE-2019-19344
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1791201 - CVE-2019-14902 samba: Replication of ACLs set to inherit down a
subtree on AD Directory not automatic
https://bugzilla.redhat.com/show_bug.cgi?id=1791201
[ 2 ] Bug #1791207 - CVE-2019-14907 samba: Crash after failed character conversion at
log level 3 or above
https://bugzilla.redhat.com/show_bug.cgi?id=1791207
[ 3 ] Bug #1791204 - CVE-2019-19344 samba: Use after free during DNS zone scavenging in
Samba AD DC
https://bugzilla.redhat.com/show_bug.cgi?id=1791204
--------------------------------------------------------------------------------
================================================================================
vimiv-qt-0.5.0-2.fc31 (FEDORA-2020-81cedc4fcc)
An image viewer with vim-like keybindings
--------------------------------------------------------------------------------
Update Information:
* Adds python3-qt5 as a dependency, required for viewing SVG files ----
Update to latest stable release: 0.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 0.5.0-2
- Add python3-qt5 as dependency: required for SVG
* Wed Jan 15 2020 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 0.5.0-1
- Update to 0.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1791107 - vimiv-qt needs python3-qt5 for SVG support
https://bugzilla.redhat.com/show_bug.cgi?id=1791107
[ 2 ] Bug #1791232 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1791232
--------------------------------------------------------------------------------
================================================================================
yacreader-9.6.2-1.fc31 (FEDORA-2020-1e7ee48d12)
Cross platform comic reader and library manager
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 21 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 9.6.2-1
- Update to 9.6.2
- Enable LTO
* Fri Jan 17 2020 Marek Kasik <mkasik(a)redhat.com> - 9.6.0-2
- Rebuild for poppler-0.84.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1761685 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1761685
--------------------------------------------------------------------------------