The following Fedora 33 Security updates need testing:
Age URL
151
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-372114906d
squashfs-tools-4.5-2.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-974adcb4a6
openssl-1.1.1l-1.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-232161e4d5 lynx-2.8.9-13.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-78b9d84299
chromium-93.0.4577.63-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4a43cbe0b4
vim-8.2.3404-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-38b51d9fd3
golang-1.15.15-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
170
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
105
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33
libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
21
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ccf3840ed
gnome-shell-3.38.6-1.fc33 mutter-3.38.6-1.fc33
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-28fca597fb
pango-1.48.4-2.fc33
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d40916a30 koji-1.26.0-1.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-372114906d
squashfs-tools-4.5-2.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-974adcb4a6
openssl-1.1.1l-1.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-dac2bec579
cracklib-2.9.6-27.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f135b880d1
gnome-software-3.38.2-3.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5326e30d64
hwdata-0.351-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9958e15ab2
perl-Digest-1.20-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
acme-tiny-4.1.1-2.fc33
cockpit-252-1.fc33
dnsviz-0.9.3-1.fc33
duperemove-0.11.3-1.fc33
fuse-overlayfs-1.7.1-2.fc33
gnome-shell-extension-mediacontrols-14-1.fc33
haproxy-2.2.17-1.fc33
icecat-78.14.0-1.rh1.fc33
kernel-5.13.15-100.fc33
knot-3.1.2-1.fc33
ntfs-3g-2021.8.22-2.fc33
osbuild-36-1.fc33
php-laminas-validator-2.14.6-1.fc33
seadrive-daemon-2.0.16-1.fc33
seadrive-gui-2.0.16-1.fc33
singularity-3.8.3-1.fc33
stb-0-0.4.20210908gitc0c9826.fc33
thunderbird-91.1.0-1.fc33
urw-base35-fonts-20200910-6.fc33
wordpress-5.8.1-1.fc33
xen-4.14.2-4.fc33
Details about builds:
================================================================================
acme-tiny-4.1.1-2.fc33 (FEDORA-2021-7f0650e005)
Tiny auditable script to issue, renew Let's Encrypt certificates
--------------------------------------------------------------------------------
Update Information:
New upstream release. Add configuration in /etc/sysconfig/acme-tiny for days
before expiration to renew.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Stuart D. Gathman <stuart(a)gathman.org> 4.1.1-2
- Remove CLI override in acme-tiny.service (uses /etc/sysconfig/acme-tiny now)
* Tue Sep 7 2021 Stuart D. Gathman <stuart(a)gathman.org> 4.1.1-1
- New upstream release
- Set days before expiration in /etc/sysconfig
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1.0-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1996364 - acme-tiny-4.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1996364
--------------------------------------------------------------------------------
================================================================================
cockpit-252-1.fc33 (FEDORA-2021-1e4687976e)
Web Console for Linux servers
--------------------------------------------------------------------------------
Update Information:
- Webserver: Drop remotectl utility - Shell: Show package version in ���About web
console��� modal - Storage: Encryption is presented as a property of a Filesystem
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 1 2021 Simon Kobyda <skobyda(a)redhat.com> - 252-1
- Webserver: Drop remotectl utility
- Shell: Show package version in ���About web console��� modal
- Storage: Encryption is presented as a property of a Filesystem
--------------------------------------------------------------------------------
================================================================================
dnsviz-0.9.3-1.fc33 (FEDORA-2021-332ba102b5)
Tools for analyzing and visualizing DNS and DNSSEC behavior
--------------------------------------------------------------------------------
Update Information:
initial package build
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497482 - Review Request: dnsviz - Tools for analyzing and visualizing DNS
and DNSSEC behavior
https://bugzilla.redhat.com/show_bug.cgi?id=1497482
--------------------------------------------------------------------------------
================================================================================
duperemove-0.11.3-1.fc33 (FEDORA-2021-8162c3eb2e)
Tools for deduping file systems
--------------------------------------------------------------------------------
Update Information:
Fix various small bugs
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Jonathan Dieter <jdieter(a)gmail.com> - 0.11.3-1
- Update to 0.11.3 with bug fixes
- Remove patch to use system xxhash since upstream does that by default now
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.11.1-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.11.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fuse-overlayfs-1.7.1-2.fc33 (FEDORA-2021-d74a3c94cb)
FUSE overlay+shiftfs implementation for rootless containers
--------------------------------------------------------------------------------
Update Information:
use correct source tarball, fix autobuild macros
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.7.1-2
- use correct source tarball, fix autobuild macros
* Tue Aug 10 2021 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 1.7.1-1
- autobuilt v1.7.1
* Tue Aug 3 2021 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 1.7-1
- autobuilt v1.7
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-mediacontrols-14-1.fc33 (FEDORA-2021-0d731bc3b0)
Show controls for the current playing media in the panel
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1999181 - Review Request: gnome-shell-extension-mediacontrols - Show controls
for the current playing media in the panel
https://bugzilla.redhat.com/show_bug.cgi?id=1999181
--------------------------------------------------------------------------------
================================================================================
haproxy-2.2.17-1.fc33 (FEDORA-2021-cd5ee418f6)
HAProxy reverse proxy for high availability environments
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.17
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Ryan O'Hara <rohara(a)redhat.com> - 2.2.17-1
- Update to 2.2.17
- Fix request smuggling attack or response splitting (CVE-2021-40346, #2002411)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2002411 - CVE-2021-40346 haproxy: request smuggling attack or response
splitting via duplicate content-length header [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2002411
--------------------------------------------------------------------------------
================================================================================
icecat-78.14.0-1.rh1.fc33 (FEDORA-2021-3402da502f)
GNU version of Firefox browser
--------------------------------------------------------------------------------
Update Information:
- Release 78.14.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 7 2021 Antonio Trande <sagitter(a)fedoraproject.org> - 78.14.0-1.rh1
- Release 78.14.0
--------------------------------------------------------------------------------
================================================================================
kernel-5.13.15-100.fc33 (FEDORA-2021-60f1d2eba1)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.13.15 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.13.15-100]
- kernel-5.13.15-0 (Justin M. Forbes)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2001951 - CVE-2021-40490 kernel: race condition was discovered in
ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
https://bugzilla.redhat.com/show_bug.cgi?id=2001951
--------------------------------------------------------------------------------
================================================================================
knot-3.1.2-1.fc33 (FEDORA-2021-623f3814a4)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.1.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 3.1.2-1
- Update to 3.1.2
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2021.8.22-2.fc33 (FEDORA-2021-e7c8ba6301)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
Fix issue with incorrect obsoletes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Tom Callaway <spot(a)fedoraproject.org> - 2:2021.8.22-2
- remove incorrect obsoletes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2001755 - Cannot install ntfs-3g on Fedora 34: ntfs-3g-libs is already
installed
https://bugzilla.redhat.com/show_bug.cgi?id=2001755
--------------------------------------------------------------------------------
================================================================================
osbuild-36-1.fc33 (FEDORA-2021-abe17c5764)
A build system for OS images
--------------------------------------------------------------------------------
Update Information:
Update osbuild to the latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> - 36-1
- 36 (Diaa Sami)
- Add a new stage `org.osbuild.tmpfilesd` for configuring tmpfiles.d (Tomas Hozza)
- Add a new stage for configuring SELinux state on the system (Tomas Hozza)
- Add a new `org.osbuild.dnf.config` stage for configuring DNF (Tomas Hozza)
- Add new `org.osbuild.tuned` stage for setting active TuneD profile (Tomas Hozza)
- util/rhsm: Check if repositories is None before iterating (Sanne Raymaekers)
- stages/kickstart: set passwords with --iscrypted (Achilleas Koutsou)
* Sun Aug 29 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> - 35-1
- 35 (Tom Gundersen)
- stages/kickstart: quote ssh-key (Christian Kellner)
--------------------------------------------------------------------------------
================================================================================
php-laminas-validator-2.14.6-1.fc33 (FEDORA-2021-287b362c67)
Laminas Framework Validator component
--------------------------------------------------------------------------------
Update Information:
**Version 2.14.6** Bug * 106: Fix regression in RoyalMail barcode
validation due to type mismatch in checksum verification thanks to @remicollet
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Remi Collet <remi(a)remirepo.net> - 2.14.6-1
- update to 2.14.6
--------------------------------------------------------------------------------
================================================================================
seadrive-daemon-2.0.16-1.fc33 (FEDORA-2021-519cffdc9b)
Daemon part of Seafile Drive client
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.16
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Aleksei Bavshin <alebastr(a)fedoraproject.org> - 2.0.16-1
- Update to 2.0.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2002164 - seadrive-daemon-2.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2002164
--------------------------------------------------------------------------------
================================================================================
seadrive-gui-2.0.16-1.fc33 (FEDORA-2021-519cffdc9b)
GUI part of Seafile Drive client
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.16
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Aleksei Bavshin <alebastr(a)fedoraproject.org> - 2.0.16-1
- Update to 2.0.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2002164 - seadrive-daemon-2.0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2002164
--------------------------------------------------------------------------------
================================================================================
singularity-3.8.3-1.fc33 (FEDORA-2021-cd5e7d6e4d)
Application and environment virtualization
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream 3.8.3 ---- Upgrade to upstream 3.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Dave Dykstra <dwd(a)fedoraproject.org> - 3.8.3-1
- Upgrade to upstream 3.8.3
* Wed Sep 1 2021 Dave Dykstra <dwd(a)fedoraproject.org> - 3.8.2-1
- Upgrade to upstream 3.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2000194 - singularity-3.8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2000194
[ 2 ] Bug #2002195 - singularity-3.8.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2002195
--------------------------------------------------------------------------------
================================================================================
stb-0-0.4.20210908gitc0c9826.fc33 (FEDORA-2021-7251e0ffa8)
Single-file public domain libraries for C/C++
--------------------------------------------------------------------------------
Update Information:
Update to upstream commit c0c9826 ��� Remove stb_perlin-devel subpackage, which
may be patent-encumbered ��� Update stb_truetype-devel to 1.26 (fix broken
rasterizer) ��� Bug fixes in stb_image (fix compiling with NO_HDR NO_LINEAR,
reject fractional JPEG component subsampling ratios)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> 0-0.4
- Update to c0c9826 (fix RHBZ#2002436)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2002436 - The stb_perlin library may be patent-encumbered
https://bugzilla.redhat.com/show_bug.cgi?id=2002436
--------------------------------------------------------------------------------
================================================================================
thunderbird-91.1.0-1.fc33 (FEDORA-2021-7a74c98205)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
Fixing the issue with langpacks. ---- Update to latest upstream version,
fixing langpacks issues. ---- Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 7 2021 Jan Horak <jhorak(a)redhat.com> - 91.1.0-1
- Update to 91.1.0 build2
* Thu Aug 26 2021 Jan Horak <jhorak(a)redhat.com> - 91.0.3-2
- Update to 91.0.3 build1
* Mon Aug 23 2021 Jan Horak <jhorak(a)redhat.com> - 91.0.2-1
- Update to 91.0.2 build1
* Mon Aug 16 2021 Jan Horak <jhorak(a)redhat.com> - 91.0-1
- Update to 91.0 build1
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 78.12.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jul 21 2021 Jan Horak <jhorak(a)redhat.com> - 78.12.0-1
- Update to 78.12.0 build2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1997774 - thunderbird-91.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1997774
[ 2 ] Bug #1998665 - Impossible to install any new addons and enable existing one.
https://bugzilla.redhat.com/show_bug.cgi?id=1998665
--------------------------------------------------------------------------------
================================================================================
urw-base35-fonts-20200910-6.fc33 (FEDORA-2021-bf3a8ed729)
Core Font Set containing 35 freely distributable fonts from (URW)++
--------------------------------------------------------------------------------
Update Information:
Added GPL2.0+ license into tag (old legacy fonts), removed old
obsoletes/provides
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Richard Lescak <rlescak(a)redhat.com> 20200910-6
- Added GPL2.0+ license into tag (old legacy fonts), removed old obsoletes/provides from
macro
--------------------------------------------------------------------------------
================================================================================
wordpress-5.8.1-1.fc33 (FEDORA-2021-f53d1bbf50)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Upstream annoucement: [WordPress 5.8.1 Security and Maintenance
Release](https://wordpress.org/news/2021/09/wordpress-5-8-1-security-and-
maintenance-release/)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 9 2021 Remi Collet <remi(a)remirepo.net> - 5.8.1-1
- WordPress 5.8.1 Security and Maintenance Release
--------------------------------------------------------------------------------
================================================================================
xen-4.14.2-4.fc33 (FEDORA-2021-fed53cbc7d)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701]
bugfix for XSA-380
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2021 Michael Young <m.a.young(a)durham.ac.uk> - 4.14.2-4
- Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701]
- bugfix for XSA-380
- stop editing grub files in /boot/efi/EFI/fedora on Fedora 34
--------------------------------------------------------------------------------