The following Fedora 33 Security updates need testing:
Age URL
103
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-36e10d3f9f
varnish-6.4.0-5.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-112557d2c5
buildah-1.21.3-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0c53d8738d
containernetworking-plugins-1.0.0-0.2.rc1.fc33 containers-common-1-20.fc33
crun-0.20.1-1.fc33 podman-3.2.3-1.fc33 skopeo-1.3.1-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-30c84b4924
chromium-91.0.4472.164-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ead17c8f6
linux-firmware-20210716-121.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bfb61f77c
golang-1.15.14-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-166e461c8d
systemd-246.15-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d21b90a30
curl-7.71.1-10.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c9c1f6e5c7
php-pear-1.10.12-9.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
121
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
56
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33
libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-de131565a6
ethtool-5.13-1.fc33
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c09b022e8f dracut-055-3.fc33
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-abcaa79b71
libmodulemd-2.13.0-1.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e57bbe4837
webkit2gtk3-2.32.2-1.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1fe1b325f5 gjs-1.66.2-7.fc33
mozjs78-78.12.0-1.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-bcea139c5d audit-3.0.3-1.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5e6e793ad5
libedit-3.1-38.20210714cvs.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ead17c8f6
linux-firmware-20210716-121.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-13f06367c7
net-snmp-5.9.1-3.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3bdb6861cb
mtools-4.0.33-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-49d6a73d5b
libidn2-2.3.2-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-166e461c8d
systemd-246.15-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8339b59d17
firefox-90.0.1-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d21b90a30
curl-7.71.1-10.fc33
The following builds have been pushed to Fedora 33 updates-testing
classpathless-compiler-1.4-1.fc33
cockpit-249-1.fc33
cockpit-machines-248-1.fc33
composer-2.1.4-1.fc33
erlang-23.3.4.5-1.fc33
gnome-shell-extension-system-monitor-applet-38-14.20210722git9a96c54.fc33
kdiskmark-2.2.1-1.fc33
libcint-4.4.3-1.fc33
mock-centos-sig-configs-0.3-1.fc33
php-justinrainbow-json-schema5-5.2.11-1.fc33
php-nikic-php-parser4-4.12.0-1.fc33
qcint-4.4.3-1.fc33
redis-6.0.15-1.fc33
rubygem-sync-0.5.0-1.fc33
wine-6.13-1.fc33
Details about builds:
================================================================================
classpathless-compiler-1.4-1.fc33 (FEDORA-2021-30590b552a)
Tool for recompiling java sources with customizable class providers
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 1.4 ---- Initial release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1977799 - Review Request: classpathless-compiler - Tool for recompiling java
sources with customizable class providers
https://bugzilla.redhat.com/show_bug.cgi?id=1977799
--------------------------------------------------------------------------------
================================================================================
cockpit-249-1.fc33 (FEDORA-2021-86b86a55df)
Web Console for Linux servers
--------------------------------------------------------------------------------
Update Information:
https://bugzilla.redhat.com/show_bug.cgi?id=1983077
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 21 2021 Matej Marusak <mmarusak(a)redhat.com> - 249-1
- storage: Content table improvements
- common: Add Content-Type for wasm
- all: Port away from Moment.js
--------------------------------------------------------------------------------
================================================================================
cockpit-machines-248-1.fc33 (FEDORA-2021-7321c2fa3a)
Cockpit user interface for virtual machines
--------------------------------------------------------------------------------
Update Information:
New upstream release 248
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 21 2021 Matej Marusak <mmarusak(a)redhat.com> - 248-1
- Some nice bug fixes
--------------------------------------------------------------------------------
================================================================================
composer-2.1.4-1.fc33 (FEDORA-2021-93b7d68d44)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.1.4** - 2021-07-22 * Fixed PHP 8.1 deprecation warnings (#10008)
* Fixed support for working within UNC/WSL paths on Windows (#9993) * Fixed
7-zip support to also be looked up on Linux/macOS as 7z or 7zz (#9951) * Fixed
repositories' `only`/`exclude` properties to avoid matching names as sub-strings
of full package names (#10001) * Fixed open_basedir regression from #9855 *
Fixed schema errors being reported incorrectly in some conditions (#9986) *
Fixed `archive` command not working with async archive extraction * Fixed
`init` command being able to generate an invalid composer.json (#9986)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Remi Collet <remi(a)remirepo.net> - 2.1.4-1
- update to 2.1.4
- raise dependency on justinrainbow/json-schema 5.2.11
--------------------------------------------------------------------------------
================================================================================
erlang-23.3.4.5-1.fc33 (FEDORA-2021-d9113e5a15)
General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:
Erlang ver. 23.3.4.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Peter Lemenkov <lemenkov(a)gmail.com> - 23.3.4.5-1
- Ver. 23.3.4.5
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-system-monitor-applet-38-14.20210722git9a96c54.fc33
(FEDORA-2021-e126f25e0c)
A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
Updated to last upstream commits
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-14.20210722git9a96c54
- Updated to last upstream commits
- Added GPU stats for AMDGPU
- Added support for displaying GPU memory in the chart
- Add support for display scale factor
- Small fixes to thermal monitoring
- Added support for gnome-shell 40 - Removed Fedora patches (applied upstream)
- Remove clutter dependency on GNOME 40
- Improve graph settings and rendering
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:38-13.20210507gitbc38ccf
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kdiskmark-2.2.1-1.fc33 (FEDORA-2021-575b301389)
Simple open-source disk benchmark tool for Linux distros
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.2.1-1
- build(update): 2.2.1
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libcint-4.4.3-1.fc33 (FEDORA-2021-c1afcd0496)
General Gaussian-type orbitals integrals for quantum chemistry
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.3, solving a long-standing divide-by-zero error which led to
incorrect results in some cases.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 4.4.3-1
- Update to 4.4.3.
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.4.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1949331 - qcint-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1949331
[ 2 ] Bug #1950216 - libcint-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1950216
--------------------------------------------------------------------------------
================================================================================
mock-centos-sig-configs-0.3-1.fc33 (FEDORA-2021-40562d311d)
Mock configs for CentOS SIGs
--------------------------------------------------------------------------------
Update Information:
Update to 0.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 21 2021 Davide Cavalca <dcavalca(a)fedoraproject.org> - 0.3-1
- Update to 0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1984700 - mock-centos-sig-configs-0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1984700
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema5-5.2.11-1.fc33 (FEDORA-2021-557d302bd2)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
**Version 5.211** * Backports PHP 8.1 support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Remi Collet <remi(a)remirepo.net> - 5.2.11-1
- update to 5.2.11
--------------------------------------------------------------------------------
================================================================================
php-nikic-php-parser4-4.12.0-1.fc33 (FEDORA-2021-f619bf84e6)
A PHP parser written in PHP - version 4
--------------------------------------------------------------------------------
Update Information:
**Version 4.12.0** (2021-07-21) Added * [PHP 8.1] Added support for readonly
properties (through a new `MODIFIER_READONLY`). * [PHP 8.1] Added support for
final class constants. Fixed * Fixed compatibility with PHP 8.1. `&` tokens
are now canonicalized to the `T_AMPERSAND_FOLLOWED_BY_VAR_OR_VARARG` and
`T_AMPERSAND_NOT_FOLLOWED_BY_VAR_OR_VARARG` tokens used in PHP 8.1. This
happens unconditionally, regardless of whether the emulative lexer is used.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 21 2021 Remi Collet <remi(a)remirepo.net> - 4.12.0-1
- update to 4.12.0
--------------------------------------------------------------------------------
================================================================================
qcint-4.4.3-1.fc33 (FEDORA-2021-c1afcd0496)
An optimized libcint branch for X86 platform with SSE3 intrinsics
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.3, solving a long-standing divide-by-zero error which led to
incorrect results in some cases.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 4.4.3-1
- Update to 4.4.3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1949331 - qcint-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1949331
[ 2 ] Bug #1950216 - libcint-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1950216
--------------------------------------------------------------------------------
================================================================================
redis-6.0.15-1.fc33 (FEDORA-2021-76cf1653b3)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
** Redis 6.0.15** - Released Wed Jul 21 16:32:19 IDT 2021 Upgrade urgency:
SECURITY, contains fixes to security issues that affect authenticated client
connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in
BITFIELD on 32-bit versions (**CVE-2021-32761**). An integer overflow bug in
Redis version 2.2 or newer can be exploited using the BITFIELD command to
corrupt the heap and potentially result with remote code execution. Bug fixes
that involve behavior changes: * Change reply type for ZPOPMAX/MIN with
count in RESP3 to nested array (#8981). Was using a flat array like in RESP2
instead of a nested array like ZRANGE does. Bug fixes: * Fail EXEC command
in case a watched key is expired (#9194) * Fix SMOVE not to invalidate dest
key (WATCH and tracking) when member already exists (#9244) * Fix SINTERSTORE
not to delete dest key when getting a wrong type error (#9032) * Fix
overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD
(#9191) * Set TCP keepalive on inbound cluster bus connections (#9230) *
Fix ziplist length updates on big-endian platforms (#2080) * Fix diskless
replica loading to recover from RDB short read on module AUX data (#9199) *
Fix race in client side tracking (#9116) * If diskless repl child is killed,
make sure to reap the child pid (#7742) * Add a timeout mechanism for
replicas stuck in fullsync (#8762) CLI tools: * redis-cli cluster import
support source and target that require auth (#7994) * redis-cli cluster
import command may issue wrong MIGRATE command, sending COPY instead of REPLACE
(#8945) * redis-cli support for RESP3 set type in CSV and RAW output (#7338)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Remi Collet <remi(a)remirepo.net> - 6.0.15-1
- Upstream 6.0.15 release
- Fix CVE-2021-32761: 32-bit systems BITFIELD command integer overflow.
--------------------------------------------------------------------------------
================================================================================
rubygem-sync-0.5.0-1.fc33 (FEDORA-2021-226fc3740f)
A module that provides a two-phase lock with a counter
--------------------------------------------------------------------------------
Update Information:
This package was part of the standard ruby interpreter until Ruby 2.7. Since
then packages depending on it have crashed on importing the sync module. For
example, rubygem-tins.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1969253 - term_display and term_mandel: cannot load such file -- sync
(LoadError)
https://bugzilla.redhat.com/show_bug.cgi?id=1969253
[ 2 ] Bug #1969567 - require "tins" failure: cannot load such file -- sync
https://bugzilla.redhat.com/show_bug.cgi?id=1969567
--------------------------------------------------------------------------------
================================================================================
wine-6.13-1.fc33 (FEDORA-2021-8c92985566)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
- Proper scrollbar theming. - More work towards WinSock PE conversion. -
Preparation work for the GDI syscall interface. - Some progress on the
IPHLPAPI PE conversion. - Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1982937 - wine breaks
battle.net
https://bugzilla.redhat.com/show_bug.cgi?id=1982937
[ 2 ] Bug #1984190 - wine-6.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1984190
--------------------------------------------------------------------------------