The following Fedora 34 Security updates need testing:
Age URL
32
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ee3c072cd0
golang-1.16.4-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3ffc890685
ntpsec-1.2.1-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d1fc0b9d32
nettle-3.7.3-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d5d263ec35 dino-0.2.1-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-41d4347447 xen-4.14.2-2.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f236f9f01a isync-1.4.2-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-917e89c036
python-fastapi-0.65.2-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-54a73a7112
dogtag-pki-10.10.6-1.fc34 pki-core-10.10.6-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1382b4c7f5
mosquitto-2.0.11-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1e0e04958d
dotnet5.0-5.0.204-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b14975e43d
mingw-python-urllib3-1.25.10-3.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-bc2a819bc5
kernel-5.12.10-300.fc34 kernel-tools-5.12.10-300.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-cb4f3ab817
dotnet3.1-3.1.116-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-181f29c392
mod_http2-1.15.19-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-25fe4291c9
mingw-openexr-2.5.5-3.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-834f900f53 iaito-5.2.2-3.fc34
radare2-5.3.1-1.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
67
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-45ea175c70
osinfo-db-20210531-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3d595a3c26 lorax-34.12-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c71d1efd4a
mtools-4.0.29-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8d2c506cee
net-snmp-5.9.1-2.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-771232f4bb
qt5-qtdeclarative-5.15.2-5.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0bbe1b0ccf gdb-10.2-3.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0ada4ea04f
mariadb-connector-c-3.1.13-1.fc34
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a937a48cdd
libguestfs-1.45.6-4.fc34
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d42c1e5851
perl-Socket-2.032-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d1fc0b9d32
nettle-3.7.3-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2fdd8f93d9
ModemManager-1.16.6-1.fc34 libmbim-1.24.8-1.fc34 libqmi-1.28.6-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d0fbc1d426
xfce4-session-4.16.0-3.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-523ee0a81e expat-2.4.1-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4b5daca395 dtc-1.6.1-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-bc2a819bc5
kernel-5.12.10-300.fc34 kernel-tools-5.12.10-300.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7d0457da49 audit-3.0.2-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a3ab421a63 dracut-055-2.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e6916d6758
libxcrypt-4.4.22-2.fc34 pam-1.5.1-6.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6ad94c9114
woff2-1.0.2-12.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-34fd70511c
redhat-rpm-config-183-1.fc34
The following builds have been pushed to Fedora 34 updates-testing
aom-3.1.1-1.fc34
azote-1.9.1-4.fc34
coq-8.13.2-1.fc34
cpufetch-0.98-1.fc34
drawing-0.8.1-1.fc34
flocq-3.4.0-5.fc34
frama-c-22.0-9.fc34
fzf-0.27.2-1.fc34
gappalib-coq-1.4.6-5.fc34
gcovr-5.0-1.fc34
gnome-chemistry-utils-0.14.17-28.fc34
gnumeric-1.12.50-1.fc34
go-avif-0.1.0-8.fc34
goffice-0.10.50-1.fc34
golang-github-gdamore-tcell-2-2.3.11-1.fc34
gstreamer1-plugins-bad-free-1.19.1-2.fc34
highway-0.12.2-1.fc34
libavif-0.9.0-2.fc34
mednafen-1.27.1-1.fc34
ocaml-menhir-20210419-1.fc34
poedit-3.0-1.fc34
python-dask-2021.6.0-1.fc34~bootstrap
python-fiona-1.8.20-1.fc34
python-fsspec-2021.6.0-1.fc34~bootstrap
rust-aom-sys-0.2.1-5.fc34
rust-cap-primitives-0.13.10-1.fc34
rust-zcomponents-0.1.1-1.fc34
seamonkey-2.53.7-5.fc34
vmaf-2.1.1-1.fc34
why3-1.3.3-8.fc34
zenon-0.8.4-23.fc34
Details about builds:
================================================================================
aom-3.1.1-1.fc34 (FEDORA-2021-1c3f7963a5)
Royalty-free next-generation video format
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 3.1.1-1
- Update to 3.1.1
- Close: rhbz#1954337
- Security fix for CVE-2021-30473
- Fix: rhbz#1961375
- Fix: rhbz#1961376
- Security fix for CVE-2021-30475
- Fix: rhbz#1968017
- Fix: rhbz#1968018
* Wed Mar 10 2021 Leigh Scott <leigh123linux(a)gmail.com> - 2.0.1-5
- Rebuild for new libvmaf version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
azote-1.9.1-4.fc34 (FEDORA-2021-56ade68ef8)
Wallpaper and color manager for Sway, i3 and some other WMs
--------------------------------------------------------------------------------
Update Information:
depend on xrandr rather than xorg-x11-server-utils (required for f34+; OK for
f33-)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Bob Hepple <bob.hepple(a)gmail.com> - 1.9.1-4
- depend on xrandr rather than xorg-x11-server-utils (required for f34+; OK for f33-)
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1.9.1-3
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1970228 - azote-1.9.1-2 broken dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1970228
--------------------------------------------------------------------------------
================================================================================
coq-8.13.2-1.fc34 (FEDORA-2021-8b73a471c5)
Proof management system
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 4 2021 Jerry James <loganjerry(a)gmail.com> - 8.13.2-1
- Version 8.13.2
--------------------------------------------------------------------------------
================================================================================
cpufetch-0.98-1.fc34 (FEDORA-2021-4fc114dc95)
Simple tool for determining CPU architecture
--------------------------------------------------------------------------------
Update Information:
Update to v0.98
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 14 2021 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 0.98-1
- Update to v0.98
- Use "make install" instead of copying files manually
--------------------------------------------------------------------------------
================================================================================
drawing-0.8.1-1.fc34 (FEDORA-2021-fd9f74b06f)
Drawing application for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.1
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.8.1-1
- build(update): 0.8.1
--------------------------------------------------------------------------------
================================================================================
flocq-3.4.0-5.fc34 (FEDORA-2021-8b73a471c5)
Formalization of floating point numbers for Coq
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 8 2021 Jerry James <loganjerry(a)gmail.com> - 3.4.0-5
- Rebuild for coq 8.13.2
--------------------------------------------------------------------------------
================================================================================
frama-c-22.0-9.fc34 (FEDORA-2021-8b73a471c5)
Framework for source code analysis of C software
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 12 2021 Jerry James <loganjerry(a)gmail.com> - 22.0-9
- Rebuild for coq 8.13.2
--------------------------------------------------------------------------------
================================================================================
fzf-0.27.2-1.fc34 (FEDORA-2021-7cf54b7d1a)
A command-line fuzzy finder written in Go
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 12 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.27.2-1
- Update to latest version (#1966572)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1966572 - fzf-0.27.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1966572
--------------------------------------------------------------------------------
================================================================================
gappalib-coq-1.4.6-5.fc34 (FEDORA-2021-8b73a471c5)
Coq support library for gappa
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 8 2021 Jerry James <loganjerry(a)gmail.com> - 1.4.6-5
- Rebuild for coq 8.13.2
--------------------------------------------------------------------------------
================================================================================
gcovr-5.0-1.fc34 (FEDORA-2021-3fc31ef284)
A code coverage report generator using GNU gcov
--------------------------------------------------------------------------------
Update Information:
New upstream release 5.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 11 2021 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> - 5.0-1
- New upstream release 5.0
- Fixes rhbz#1971113
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1971113 - gcovr-5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1971113
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.17-28.fc34 (FEDORA-2021-5494c9f0c8)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.50.html
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Julian Sikorski <belegdol(a)fedoraproject.org> - 0.14.17-28
- Rebuild for gnumeric-1.12.50
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1951997 - gnumeric fails to build with Python 3.10: sys.version[0:3] returns
Python version as 3.1 instead of 3.10
https://bugzilla.redhat.com/show_bug.cgi?id=1951997
[ 2 ] Bug #1970710 - gnumeric-1.12.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970710
[ 3 ] Bug #1970711 - goffice-0.10.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970711
--------------------------------------------------------------------------------
================================================================================
gnumeric-1.12.50-1.fc34 (FEDORA-2021-5494c9f0c8)
Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.50.html
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Julian Sikorski <belegdol(a)fedoraproject.org> - 1:1.12.50-1
- Update to 1.12.50
- Drop upstreamed patch
- Fix URL and Source URL
- Drop gdaif plugin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1951997 - gnumeric fails to build with Python 3.10: sys.version[0:3] returns
Python version as 3.1 instead of 3.10
https://bugzilla.redhat.com/show_bug.cgi?id=1951997
[ 2 ] Bug #1970710 - gnumeric-1.12.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970710
[ 3 ] Bug #1970711 - goffice-0.10.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970711
--------------------------------------------------------------------------------
================================================================================
go-avif-0.1.0-8.fc34 (FEDORA-2021-1c3f7963a5)
AVIF (AV1 Still Image File Format) encoder for Go
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.1.0-8
- Rebuilt for aom v3.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
goffice-0.10.50-1.fc34 (FEDORA-2021-5494c9f0c8)
G Office support libraries
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.50.html
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Julian Sikorski <belegdol(a)fedoraproject.org> - 0.10.50-1
- Update to 0.10.50
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1951997 - gnumeric fails to build with Python 3.10: sys.version[0:3] returns
Python version as 3.1 instead of 3.10
https://bugzilla.redhat.com/show_bug.cgi?id=1951997
[ 2 ] Bug #1970710 - gnumeric-1.12.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970710
[ 3 ] Bug #1970711 - goffice-0.10.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1970711
--------------------------------------------------------------------------------
================================================================================
golang-github-gdamore-tcell-2-2.3.11-1.fc34 (FEDORA-2021-e55cbece2e)
Alternate terminal package
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 12 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2.3.11-1
- Update to latest version (#1966473)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1966473 - golang-github-gdamore-tcell-2.3.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1966473
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-bad-free-1.19.1-2.fc34 (FEDORA-2021-1c3f7963a5)
GStreamer streaming media framework "bad" plugins
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 1.19.1-2
- Rebuilt for aom v3.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
highway-0.12.2-1.fc34 (FEDORA-2021-8853b1fc00)
Efficient and performance-portable SIMD
--------------------------------------------------------------------------------
Update Information:
Update to 0.12.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.12.2-1
- Update to 0.12.2
--------------------------------------------------------------------------------
================================================================================
libavif-0.9.0-2.fc34 (FEDORA-2021-1c3f7963a5)
Library for encoding and decoding .avif files
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.9.0-2
- Rebuilt for aom v3.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
mednafen-1.27.1-1.fc34 (FEDORA-2021-e2d4bdf543)
A multi-system emulator utilizing OpenGL and SDL
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream release: *
https://forum.fobby.net/index.php?t=rview&goto=6464
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Julian Sikorski <belegdol(a)fedoraproject.org> - 1.27.1-1
- Update to 1.27.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1971215 - mednafen-1.27.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1971215
--------------------------------------------------------------------------------
================================================================================
ocaml-menhir-20210419-1.fc34 (FEDORA-2021-8b73a471c5)
LR(1) parser generator for OCaml
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 8 2021 Jerry James <loganjerry(a)gmail.com> - 20210419-1
- Version 20210419
--------------------------------------------------------------------------------
================================================================================
poedit-3.0-1.fc34 (FEDORA-2021-979faa949d)
GUI editor for GNU gettext .po files
--------------------------------------------------------------------------------
Update Information:
New upstream version 3.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 5 2021 Wolfgang St��ggl <c72578(a)yahoo.de> - 3.0-1
- New upstream version
--------------------------------------------------------------------------------
================================================================================
python-dask-2021.6.0-1.fc34~bootstrap (FEDORA-2021-f557131a01)
Parallel PyData with Task Scheduling
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 2021.6.0-1
- Update to latest version (#1965698)
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 2021.5.0-2
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1965698 - python-dask-2021.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1965698
--------------------------------------------------------------------------------
================================================================================
python-fiona-1.8.20-1.fc34 (FEDORA-2021-a958756b9d)
Fiona reads and writes spatial data files
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 12 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.8.20-1
- Update to latest version (#1966356)
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1.8.19-3
- Rebuilt for Python 3.10
* Fri May 7 2021 Sandro Mani <manisandro(a)gmail.com> - 1.8.19-2
- Rebuild (gdal)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1966356 - python-fiona-1.8.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1966356
--------------------------------------------------------------------------------
================================================================================
python-fsspec-2021.6.0-1.fc34~bootstrap (FEDORA-2021-3fb98eb9dd)
Specification for Pythonic file system interfaces
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 12 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2021.6.0-1
- Update to latest version (#1968578)
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 2021.5.0-2
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1968578 - python-fsspec-2021.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1968578
--------------------------------------------------------------------------------
================================================================================
rust-aom-sys-0.2.1-5.fc34 (FEDORA-2021-1c3f7963a5)
FFI bindings to aom
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.2.1-5
- Rebuilt for aom v3.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
rust-cap-primitives-0.13.10-1.fc34 (FEDORA-2021-e7c408ca96)
Capability-oriented primitives
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1969654 - Review Request: rust-cap-primitives - Capability-oriented
primitives
https://bugzilla.redhat.com/show_bug.cgi?id=1969654
--------------------------------------------------------------------------------
================================================================================
rust-zcomponents-0.1.1-1.fc34 (FEDORA-2021-bd20b8542e)
Stupid component storage
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1971198 - Review Request: rust-zcomponents - ZComponents is a component
storage
https://bugzilla.redhat.com/show_bug.cgi?id=1971198
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.7-5.fc34 (FEDORA-2021-1c3f7963a5)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 2.53.7-5
- Rebuilt for aom v3.1.1
- Add patch to build against nss 3.66
* Thu May 20 2021 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.7-4
- move extensions' localization data into the common langpack
- fix cpu hogging on network link change when websockets are in use (mozbz#1633339)
- better support of the obsoleting javascript versioning stuff (mozbz#1702903)
- fix number formats (mozbz#1403319)
- fix build with rust >= 1.52 (mozbz#1670538)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
vmaf-2.1.1-1.fc34 (FEDORA-2021-1c3f7963a5)
Video Multi-Method Assessment Fusion
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2021 Leigh Scott <leigh123linux(a)gmail.com> - 2.1.1-1
- Update to 2.1.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is
not located on the heap
https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
================================================================================
why3-1.3.3-8.fc34 (FEDORA-2021-8b73a471c5)
Software verification platform
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 8 2021 Jerry James <loganjerry(a)gmail.com> - 1.3.3-8
- Rebuild for ocaml-menhir 20210419
--------------------------------------------------------------------------------
================================================================================
zenon-0.8.4-23.fc34 (FEDORA-2021-8b73a471c5)
Automated theorem prover for first-order classical logic
--------------------------------------------------------------------------------
Update Information:
Changes in coq 8.13.2: - Fix crash when using `vm_compute` on an irreducible
`PArray.set` - Fix crash when loading `.vo` files containing a `vm_compute`
normalized primitive array - Fix `Ltac2.Array.init` computational complexity
Changes in ocaml-menhir 20210310: - Menhir now detects and rejects grammars
that have a cycle and grammars that exhibit hidden left recursion. A grammar
has a cycle when a nonterminal symbol `A` expands (in one or more steps) to
itself. This implies that the grammar is ambiguous. A grammar has hidden left
recursion when a nonterminal symbol `A` expands (in one step) to `B beta`, where
`B` expands (in zero or more steps) to nothing and `beta` expands (in zero or
more steps) to `A ...`. This implies that the grammar is not in the class
`LR(k)` for any value of `k`. Both of these anomalies create a shift/reduce
conflict which, if resolved in favor of reduction, leads to a nonterminating
parser. - Disallow the escape sequence `\n` in a token alias. It was allowed by
mistake. Disallowing it ensures that the `## Concrete syntax:` comments
generated as part of `.messages` files fit on a single line. - Internal changes
in the expansion of `%inline` symbols, eliminating certain useless variable
renamings that would appear in semantic actions after expansion. - Internal
changes in the code back-end, eliminating certain useless bindings of variables
to a unit value. Changes in ocaml-menhir 20210419: - Mention the demo `coq-
minicalc` in the manual. - Parsers generated with the Coq mode now have support
for non-certified basic error reporting without an additional parser. This is
supported thanks to an extension of the return type `parse_result` in the coq-
menhirlib library and thanks to the new generated helper function
`Aut.N_of_state`. See the new demo `coq-syntax-errors` and the updated manual
for more details. (Contributed by Brian Ward.) All other builds are simple
rebuilds due to the changes above.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 8 2021 Jerry James <loganjerry(a)gmail.com> - 0.8.4-23
- Rebuild for coq 8.13.2
--------------------------------------------------------------------------------