The following Fedora 33 Security updates need testing:
Age URL
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f3ebd7554c
radare2-5.1.1-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-28f97e232d
bind-9.11.28-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4e92349087
nagios-4.4.6-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e9478617ae
ansible-2.9.18-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b1843407ca
python3.9-3.9.2-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9107eeb95c
screen-4.8.0-5.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-aa764a8531
chromium-88.0.4324.182-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-fba11d37ee dpdk-20.11-1.fc33
openvswitch-2.15.0-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ef8c2acfce isync-1.4.1-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-572bb0f886 mupdf-1.18.0-5.fc33
python-PyMuPDF-1.18.8-2.fc33 zathura-pdf-mupdf-0.3.6-6.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8349f28cb9
openscad-2019.05-13.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-93ff9e9103 ceph-15.2.9-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
29
https://bodhi.fedoraproject.org/updates/FEDORA-2021-039b93d5e4
dnsmasq-2.84-1.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-06e61a3c53
osinfo-db-20210215-1.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d0cf00b5aa pungi-4.2.8-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-458541fd0f gjs-1.66.2-3.fc33
mozjs78-78.8.0-2.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1240eb977c
gtk3-3.24.26-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a058872d1d fwupd-1.5.7-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7bf9501bb9
nfs-utils-2.5.3-0.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d273f94b1
pipewire-0.3.22-4.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e071fdf850
libsndfile-1.0.31-3.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2c3da66ad5 nss-3.62.0-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
389-ds-base-1.4.4.13-2.fc33
GAPDoc-1.6.4-5.fc33
bottles-3.0.1.1-2.fc33
dogtag-pki-10.10.5-1.fc33
freeipa-4.9.2-4.fc33
giada-0.17.1-4.fc33
kata-ksm-throttler-1.12.1-1.fc33
kernel-5.10.19-200.fc33
libss7-2.0.0-7.fc33
ncmpc-0.45-1.fc33
pki-core-10.10.5-1.fc33
prosody-0.11.8-2.fc33
prusa-slicer-2.2.0-8.fc33
psi4-1.3.2-9.fc33
xrootd-5.1.0-2.fc33
Details about builds:
================================================================================
389-ds-base-1.4.4.13-2.fc33 (FEDORA-2021-7458e2d835)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
- 389-ds fixes an information disclosure during unsuccessful LDAP BIND
operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix
- FreeIPA rebuilt to require new Dogtag and 389-ds versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Alexander Bokovoy <abokovoy(a)redhat.com> 1.4.4.13-2
- Rebuild now that Dogtag is fixed to work with a fix to Issue 4609
* Fri Feb 12 2021 Mark Reynolds <mreynolds(a)redhat.com> - 1.4.4.13-1
- Bump version to 1.4.4.13
- Update dscontainer (#4564)
- Issue 4591 - RFE - improve openldap_to_ds help and features (#4607)
- Issue 4324 - Some architectures the cache line size file does not exist
- Issue 4593 - RFE - Print help when nsSSLPersonalitySSL is not found (#4614)
- Issue 4609 - CVE - info disclosure when authenticating
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1908653 - CVE-2020-35518 389-ds-base: information disclosure during the
binding of a DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1908653
--------------------------------------------------------------------------------
================================================================================
GAPDoc-1.6.4-5.fc33 (FEDORA-2021-2061b2ee2d)
GAP documentation tool
--------------------------------------------------------------------------------
Update Information:
This update simply adds a dependency on amssym.tex. That dependency used to be
satisfied transitively, but must now be explicit.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 25 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
bottles-3.0.1.1-2.fc33 (FEDORA-2021-cb3c6a78c9)
Easily manage Wine prefix in a new way
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.1.1 ---- Update to 3.0.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.0.1.1-2
- build: Add libhandy1 dep
* Fri Feb 26 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.0.1.1-1
- build(update): 3.0.1.1
* Mon Feb 22 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.1.2-1
- build(update): 2.1.2
* Fri Feb 19 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.1.1-1
- build(update): 2.1.1
--------------------------------------------------------------------------------
================================================================================
dogtag-pki-10.10.5-1.fc33 (FEDORA-2021-7458e2d835)
Dogtag PKI Package
--------------------------------------------------------------------------------
Update Information:
- 389-ds fixes an information disclosure during unsuccessful LDAP BIND
operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix
- FreeIPA rebuilt to require new Dogtag and 389-ds versions
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2021 Dogtag PKI Team <pki-devel(a)redhat.com> - 10.10.5-1
- Rebase to upstream stable v10.10.5 release
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 10.10.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1908653 - CVE-2020-35518 389-ds-base: information disclosure during the
binding of a DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1908653
--------------------------------------------------------------------------------
================================================================================
freeipa-4.9.2-4.fc33 (FEDORA-2021-7458e2d835)
The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:
- 389-ds fixes an information disclosure during unsuccessful LDAP BIND
operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix
- FreeIPA rebuilt to require new Dogtag and 389-ds versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Alexander Bokovoy <abokovoy(a)redhat.com> - 4.9.2-4
- Rebuild against 389-ds and PKI to fix
https://github.com/389ds/389-ds-base/issues/4609
* Tue Feb 23 2021 Alexander Bokovoy <abokovoy(a)redhat.com> - 4.9.2-3
- Only use python-platform on RHEL 8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1908653 - CVE-2020-35518 389-ds-base: information disclosure during the
binding of a DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1908653
--------------------------------------------------------------------------------
================================================================================
giada-0.17.1-4.fc33 (FEDORA-2021-f94ddbdaaa)
Your hardcore loop machine
--------------------------------------------------------------------------------
Update Information:
Remove VST 3 SDK and JUCE from source tarball for legal reasons; disable all VST
support. ---- New upstream version 0.17.1. Major changes since 0.16.4 include:
* VST3 support (currently disabled on PPC64LE) * Assorted bug fixes * Assorted
UI improvements
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-4
- Remove VST 3 SDK and JUCE from source tarball for legal reasons; disable all
VST support
- Update License field to reflect the removed bundled dependencies
- Remove stray debugging ���find��� commands
* Tue Feb 23 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-3
- Add link to upstream issue for format-security patch
- Add commentary on forked bundled rtaudio, with a link to upstream discussion
* Tue Feb 23 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-2
- Disable VST3 on PPC64LE due to a non-obvious linker error
* Mon Feb 22 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-2
- New upstream release 0.17.1
- Switch to CMake build system
- Add AppData and updated desktop file from
https://github.com/monocasual/giada/pull/358
- Add virtual Provides, and update License field, for bundled dependencies
- Update summary and description from upstream
- Build Giada with tests, and run them at build time
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.17.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Nov 24 2020 Erich Eickmeyer <erich(a)ericheickmeyer.com> - 0.17.0-1
- New upstream release
- Add CMake build system
- VST3 support
- Show descriptive plug-in names in Plug-in List Window
- Resizable plug-in list
- New persistence mechanism for Plug-ins state
- Improved text truncation for small buttons and text boxes
- Beautify Sample Editor window
- Resizable plug-in list window
- Show descriptive plug-in name in plug-in list
- Update JUCE, version 6.0.4
- Update Catch2 to version 2.13.2
- Replace old filesystem functions in fs.h with std::filesystem
- Add VST3 SDK as git submodule
- Set minimum macOS version to 10.14
- Statically link the MSVC runtime library on Windows
- Avoid crash on opening plug-in list with invalid plug-ins
- Rewind sample channels in loop.once.bar mode on bar, if still playing (fix #403)
- Modernize log::print() function to handle std::string arguments (PR #402)
- Fix playStatus logic for ending sample channels in loop-once-bar mode (#404)
- Fix shrinking beats that could glitch the output (#361)
--------------------------------------------------------------------------------
================================================================================
kata-ksm-throttler-1.12.1-1.fc33 (FEDORA-2021-3b7c4d60c1)
Kata KSM throttling daemon
--------------------------------------------------------------------------------
Update Information:
Update to version 1.12.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2021 Eduardo Lima (Etrunko) <etrunko(a)redhat.com> - 1.12.1-1
- Update to version 1.12.1
--------------------------------------------------------------------------------
================================================================================
kernel-5.10.19-200.fc33 (FEDORA-2021-79396b21b2)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.10.19 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.10.19-200
- Linux v5.10.19
* Thu Feb 25 2021 Justin M. Forbes <jforbes(a)fedoraproject.org>
- Some i915 fixes for 5.10 (rhbz 1925346)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1925346 - Screen glitches after updating to Kernel 5.10.10
https://bugzilla.redhat.com/show_bug.cgi?id=1925346
--------------------------------------------------------------------------------
================================================================================
libss7-2.0.0-7.fc33 (FEDORA-2021-c63ee45158)
SS7 protocol services to applications
--------------------------------------------------------------------------------
Update Information:
Work around no -Werror=stringop-truncation on EPEL7 ---- Add source file
signature verification; assorted minor packaging improvements
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.0.0-7
- Work around no -Werror=stringop-truncation on EPEL7
* Tue Feb 23 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.0.0-6
- Improve keyring generation instructions
- Reflow description text
- Whitespace changes according to personal preference
- Add release summary files to documentation
- Add %_hardened_build macro, which still matters on EPEL
* Sun Feb 14 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.0.0-5
- Make dependency from -devel subpackage on main package arch-specific
- Use %setup macro instead of %setup0
- Remove obsolete %ldconfig_scriptlets, except for EPEL7
- Use make macros
- Do not remove the buildroot in %install
- Remove static libraries directly with find rather than calling rm
- Remove unnecessary README from -devel, since it is installed with the main
package
- Correctly use the %license macro
- Use tighter file globs; in particular, per the packaging guidelines, specify
the current so-version so that a version bump in an update will not be missed
so easily
- Switch URLs from HTTP to HTTPS
- Add source file signature verification
- Allow build to continue past string operation truncation warnings
- Remove obsolete commented-out manual symlink command
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ncmpc-0.45-1.fc33 (FEDORA-2021-9f8f3b922c)
A curses client for the Music Player Daemon (MPD)
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 18 2021 FeRD (Frank Dana) <ferdnyc(a)gmail.com> - 0.45-1
- New upstream release
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.42-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1921176 - ncmpc-0.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1921176
--------------------------------------------------------------------------------
================================================================================
pki-core-10.10.5-1.fc33 (FEDORA-2021-7458e2d835)
Dogtag PKI Core Package
--------------------------------------------------------------------------------
Update Information:
- 389-ds fixes an information disclosure during unsuccessful LDAP BIND
operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix
- FreeIPA rebuilt to require new Dogtag and 389-ds versions
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2021 Alexander Scheel <ascheel(a)redhat.com> - 10.10.5-1
- Update to latest stable release 10.10.5
Resolves: rh-bz#1929940
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1908653 - CVE-2020-35518 389-ds-base: information disclosure during the
binding of a DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1908653
--------------------------------------------------------------------------------
================================================================================
prosody-0.11.8-2.fc33 (FEDORA-2021-160a578c2e)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
- Added upstream patch to unbreak Lua 5.4 support (#1933063) - Added `%check`
to run some common commands (as a small testsuite)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Robert Scheck <robert(a)fedoraproject.org> 0.11.8-2
- Added upstream patch to unbreak Lua 5.4 support (#1933063)
- Added %check to run some common commands (as a small testsuite)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933063 - prosody crash /usr/lib64/prosody/util/async.lua:164: bad argument
#1 to 'close'
https://bugzilla.redhat.com/show_bug.cgi?id=1933063
--------------------------------------------------------------------------------
================================================================================
prusa-slicer-2.2.0-8.fc33 (FEDORA-2021-cd2d8b6cc8)
3D printing slicer optimized for Prusa printers
--------------------------------------------------------------------------------
Update Information:
Rebuild with openvdb 8.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 4 2021 Miro Hron��ok <mhroncok(a)redhat.com> - 2.2.0-8
- Rebuilt for openvdb 8.0
- Fixes: rhbz#1912499
* Fri Jan 1 2021 Richard Shaw <hobbes1069(a)gmail.com> - 2.2.0-7
- Rebuild for OpenEXR 2.5.3.
* Wed Aug 26 2020 Jan Beran <jaberan(a)redhat.com> - 2.2.0-6
- Add fixes for the flatpak build:
disable perltests by default when building flatpak
don't remove Perl modules when building without perltests
* Mon Aug 24 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 2.2.0-5
- Rebuilt for openvdb 7.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933140 - prusa-slicer breaks openvdb upgrade on F32
https://bugzilla.redhat.com/show_bug.cgi?id=1933140
--------------------------------------------------------------------------------
================================================================================
psi4-1.3.2-9.fc33 (FEDORA-2021-79264a4d95)
An ab initio quantum chemistry package
--------------------------------------------------------------------------------
Update Information:
Rebuild to fix crash.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:1.3.2-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Aug 26 2020 Jeff Law <law(a)redhat.com> - 1:1.3.2-8
- Do not force C++11 mode
--------------------------------------------------------------------------------
================================================================================
xrootd-5.1.0-2.fc33 (FEDORA-2021-be83633b18)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
XRootD 5.1.0-
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 26 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.1.0-2
- Remove debug output
* Tue Feb 23 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.1.0-1
- Update to version 5.1.0
- Add scitokens plugin package
- Packages xrootd-ceph and xrdcl-http are now built as part of xrootd
replacing the packages built from separate source rpms
- Drop patches (accepted upstream or previously backported)
- Fix broken library dependency in XrdCeph cmake file
- Fix format error on 32 bit architectures
* Sat Feb 13 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.0.3-5
- Drop workaround for false positive warning from gcc 11
* Tue Jan 26 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.0.3-4
- Workaround false positive warning from gcc 11 (Fedora 34+)
* Tue Dec 8 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.0.3-3
- Fix array length calculation (gcc 11 error)
- Fix uninitialized variable error
--------------------------------------------------------------------------------