The following Fedora 32 Security updates need testing:
Age URL
32
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1f643c272c libntlm-1.6-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-50be892d25
fossil-2.12.1-1.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c5e78886d6
tcpdump-4.9.3-4.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd83344365 pam-1.3.1-29.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-331e1318dd
libslirp-4.3.1-3.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2020-893ee10cdf
mingw-openjpeg2-2.3.1-9.fc32 openjpeg2-2.3.1-8.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d82261f7b1 vips-8.8.4-5.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-239503f5fa
resteasy-3.0.26-6.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-5567866bb0
spice-gtk-0.39-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-b90dac7fc4
matrix-synapse-1.23.0-1.fc32 python-authlib-0.14.3-1.fc32
python-canonicaljson-1.4.0-1.fc32 python-signedjson-1.1.1-3.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
152
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ebbe0f7b25 cpio-2.13-6.fc32
32
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e049168198
iputils-20200821-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-352b61ce72
linux-firmware-20201118-115.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a8a965584d
ostree-2020.8-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd772f273f
osinfo-db-20201119-1.fc32
12
https://bodhi.fedoraproject.org/updates/FEDORA-2020-79e9f139fe
gnome-control-center-3.36.5-1.fc32
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0b40f2b935
tpm2-tss-2.4.4-1.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1507367f2c fwupd-1.5.2-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-724b5027a8 yelp-3.36.2-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-323dcc8d0a
libsecret-0.20.4-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0f4484287f
gnome-desktop3-3.36.8-1.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-331e1318dd
libslirp-4.3.1-3.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e49210967b dnf-4.4.2-1.fc32
libdnf-0.55.0-3.fc32 microdnf-3.5.1-1.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-9e8ad5b507 gcc-10.2.1-9.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd83344365 pam-1.3.1-29.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2020-893ee10cdf
mingw-openjpeg2-2.3.1-9.fc32 openjpeg2-2.3.1-8.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c9a62ff093
mtools-4.0.26-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-50f81c1ebf
evolution-3.36.5-2.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd572d4a83 bolt-0.9.1-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-4000ad34f5
hwdata-0.342-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e3cff2530e koji-1.23.0-2.fc32
The following builds have been pushed to Fedora 32 updates-testing
bdii-5.2.26-1.fc32
firefox-83.0-13.fc32
hplip-3.20.11-1.fc32
kernel-5.9.12-100.fc32
libabigail-1.8-1.fc32
libxls-1.5.3-3.fc32
mongo-c-driver-1.17.3-1.fc32
mysql-selinux-1.0.2-1.fc32
php-horde-Horde-Service-Weather-2.5.5-1.fc32
polybar-3.5.0-1.fc32
python-adext-0.3-1.fc32
python-fasjson-client-0.1.1-1.fc32
python-stdiomask-0.0.1-1.fc32
sqlite-3.34.0-1.fc32
xorg-x11-server-1.20.10-1.fc32
xorgxrdp-0.2.14-4.fc32
youtube-dl-2020.12.02-1.fc32
Details about builds:
================================================================================
bdii-5.2.26-1.fc32 (FEDORA-2020-8e09f733bd)
The Berkeley Database Information Index (BDII)
--------------------------------------------------------------------------------
Update Information:
BDII 5.2.26
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 1 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 5.2.26-1
- Version 5.2.26
- Update python3 patch
- Update systemd unit files
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.2.25-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
firefox-83.0-13.fc32 (FEDORA-2020-777f43619c)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
- Added fix for WebRender popups (mozbz#1672139) ---- - Fixef PipeWire crashes
during screen sharing under Wayland (mzbz#1678680)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 1 2020 Martin Stransky <stransky(a)redhat.com> - 83.0-13
- Added fix for mozbz#1672139
* Tue Dec 1 2020 Martin Stransky <stransky(a)redhat.com> - 83.0-12
- More mochitest fixes
* Mon Nov 30 2020 Martin Stransky <stransky(a)redhat.com> - 83.0-11
- Mochitest tweaking
* Sat Nov 28 2020 Martin Stransky <stransky(a)redhat.com> - 83.0-10
- Added fix for mzbz#1678680
--------------------------------------------------------------------------------
================================================================================
hplip-3.20.11-1.fc32 (FEDORA-2020-e0f9dc6d17)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
1903029 - hplip-3.20.11 is available
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Zdenek Dohnal <zdohnal(a)redhat.com> - 3.20.11-1
- 1903029 - hplip-3.20.11 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1903029 - hplip-3.20.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1903029
--------------------------------------------------------------------------------
================================================================================
kernel-5.9.12-100.fc32 (FEDORA-2020-fe58353a43)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.9.12 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.9.12-100
- Linux v5.9.12
--------------------------------------------------------------------------------
================================================================================
libabigail-1.8-1.fc32 (FEDORA-2020-0ac0602636)
Set of ABI analysis tools
--------------------------------------------------------------------------------
Update Information:
Update to upstream 1.8
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 1 2020 Dodji Seketeli <dodji(a)redhat.com> - 1.8-1
- Update to upstream 1.8
- Add 'make check-self-compare' to the regression testing
- Add BuildRequire 'python3-koji' for the general package build
--------------------------------------------------------------------------------
================================================================================
libxls-1.5.3-3.fc32 (FEDORA-2020-688a51575a)
Read binary Excel files from C/C++
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2020-27819
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.5.3-3
- Fix CVE-2020-27819
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1903296 - CVE-2020-27819 libxls: NULL pointer dereference via crafted xls
file
https://bugzilla.redhat.com/show_bug.cgi?id=1903296
--------------------------------------------------------------------------------
================================================================================
mongo-c-driver-1.17.3-1.fc32 (FEDORA-2020-3d4cf680dc)
Client library written in C for MongoDB
--------------------------------------------------------------------------------
Update Information:
**libbson 1.17.3** no change ---- **mong-c-driver 1.17.3** Bug fixes: *
Do not send session ID on GSSAPI auth commands. * Fix build against zlib when
zlib is installed in non-standard location. * Fix build when source directory
path contains a space. * Fix a platform-specific bug causing
mongoc_client_pool_pop to block indefinitely if all clients are checked out. *
Fix a possible buffer overflow with hostnames resolving to IPv6 addresses on
OpenSSL.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Remi Collet <remi(a)remirepo.net> - 1.17.3-1
- update to 1.17.3
--------------------------------------------------------------------------------
================================================================================
mysql-selinux-1.0.2-1.fc32 (FEDORA-2020-b02abadd4a)
SELinux policy modules for MySQL and MariaDB packages
--------------------------------------------------------------------------------
Update Information:
**mysql-selinux 1.0.2** Alignment with the upstream rules Rules for
"*mariadb*" named executables added
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Michal Schorm <mschorm(a)redhat.com> - 1.0.2-1
- Rebase to 1.0.2 release
Added context for "*mariadb*" named executables
* Tue Dec 1 2020 Michal Schorm <mschorm(a)redhat.com> - 1.0.1-1
- Rebase to 1.0.1 release
This release is just a sync-up with upstream selinux-policy
- URL changed to a new upstream repository
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.0-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Service-Weather-2.5.5-1.fc32 (FEDORA-2020-89c867cb9e)
Horde Weather Provider
--------------------------------------------------------------------------------
Update Information:
**Horde_Service_Weather 2.5.5** * [mjr] Remove deprecated string index
accessor.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Remi Collet <remi(a)remirepo.net> - 2.5.5-1
- update to 2.5.5
- drop patch merged upstream
--------------------------------------------------------------------------------
================================================================================
polybar-3.5.0-1.fc32 (FEDORA-2020-093d025cc2)
Fast and easy-to-use status bar
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.5.0-1
- build(update): 3.5.0
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jun 4 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.4.3-4
- Update xpp snapshot with Python 3.9 fix
* Thu Jun 4 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.4.3-3
- Update Python 3.9 patch with upstreamed version
* Sat May 30 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 3.4.3-2
- Rebuild (jsoncpp)
- Add a patch to fix build with Python 3.9
- Small spec file optimizations
--------------------------------------------------------------------------------
================================================================================
python-adext-0.3-1.fc32 (FEDORA-2020-6d9467eb82)
Python module to extend AlarmDecoder module
--------------------------------------------------------------------------------
Update Information:
Initial package for Fedora
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
python-fasjson-client-0.1.1-1.fc32 (FEDORA-2020-abf935acdd)
An OpenAPI client for FASJSON
--------------------------------------------------------------------------------
Update Information:
Split off subpackage for CLI.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Nils Philippsen <nils(a)redhat.com> - 0.1.1-1
- version 0.1.1
- provide CLI subpackages (from F-33 on)
- relax cryptography and toml version requirements to accommodate EL8
--------------------------------------------------------------------------------
================================================================================
python-stdiomask-0.0.1-1.fc32 (FEDORA-2020-8a97ce43a2)
Python module for masking passwords
--------------------------------------------------------------------------------
Update Information:
Initial package for Fedora
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
sqlite-3.34.0-1.fc32 (FEDORA-2020-5515b8b40f)
Library that implements an embeddable SQL database engine
--------------------------------------------------------------------------------
Update Information:
Rebased to version 3.34.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Ondrej Dubaj <odubaj(a)redhat.com> - 3.34.0-1
- Updated to version 3.34.0 (
https://sqlite.org/releaselog/3_34_0.html)
- Enabled fts3conf.test on s390x and ppc64 architectures
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1903231 - sqlite-3.34.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1903231
--------------------------------------------------------------------------------
================================================================================
xorg-x11-server-1.20.10-1.fc32 (FEDORA-2020-c8a7df24d4)
X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2020-14360, CVE-2020-25712
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 Olivier Fourdan <ofourdan(a)redhat.com> - 1.20.10-1
- xserver 1.20.10 (CVE-2020-14360, CVE-2020-25712)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1903258 - CVE-2020-14360 xorg-x11-server: Out-Of-Bounds access in XkbSetMap
function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1903258
[ 2 ] Bug #1903259 - CVE-2020-25712 xorg-x11-server: XkbSetDeviceInfo Heap-based Buffer
Overflow Privilege Escalation Vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1903259
--------------------------------------------------------------------------------
================================================================================
xorgxrdp-0.2.14-4.fc32 (FEDORA-2020-06943cab9a)
Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:
Rebuild against Xorg 1.20.10.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 3 2020 Bojan Smojver <bojan(a)rexursive.com> - 0.2.14-4
- Rebuild against xorg-x11-server 1.20.10
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2020.12.02-1.fc32 (FEDORA-2020-b4b68143c3)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
Update to version 2020.12.02
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 2 2020 David Schw��rer <davidsch(a)fedoraproject.org> - 2020.12.02-1
- Update to 2020.12.02
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1903298 - youtube-dl-2020.12.02 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1903298
--------------------------------------------------------------------------------