The following Fedora 30 Security updates need testing:
Age URL
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-2b53cff132
thunderbird-68.7.0-1.fc30
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0c71c00af4
libxml2-2.9.10-3.fc30
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-28e06b5f08
rubygem-rake-12.3.3-200.fc30
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b6ce91e37
ansible-2.9.7-1.fc30
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-3eaf264c4b
gnuchess-6.2.6-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-4e093619bb git-2.21.3-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-fd8761fd13
php-horde-horde-5.2.22-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-5a4da65166 cups-2.2.12-8.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-827b677e15
python-bleach-3.1.4-2.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1e85425a52
sqliteodbc-0.9996-4.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c9eb911737
pxz-4.999.9-19.beta.20200421git.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-da2d1ef2d7
openssl-1.1.1g-1.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d171bf636d
rubygem-json-2.2.0-202.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0e7f1b663b
chromium-81.0.4044.122-1.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-969414e05b
openvpn-2.4.9-1.fc30
The following Fedora 30 Critical Path updates have yet to be approved:
Age URL
290
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c05e4425d1
dash-0.5.10.2-3.fc30
12
https://bodhi.fedoraproject.org/updates/FEDORA-2020-767953662f
json-c-0.13.1-11.fc30
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-b3aa343948
libtirpc-1.2.6-0.fc30
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0c71c00af4
libxml2-2.9.10-3.fc30
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-2b53cff132
thunderbird-68.7.0-1.fc30
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a7509f2334
nfs-utils-2.4.3-1.rc1.fc30
8
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1208e2a2b8 vim-8.2.587-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-44d12740d8 ceph-14.2.9-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-5a4da65166 cups-2.2.12-8.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-fd4d0014e1
python2-2.7.18-1.fc30 python2-docs-2.7.18-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c1dd22ce63 koji-1.21.0-1.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-9b3da9c8e7
linux-firmware-20200421-107.fc30
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-4e093619bb git-2.21.3-1.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0f078e7280
pyproject-rpm-macros-0-14.fc30 python-pip-19.0.3-7.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a615847091
cairo-1.16.0-6.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-06b6a23d9c
gnome-software-3.32.4-9.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-da2d1ef2d7
openssl-1.1.1g-1.fc30
0
https://bodhi.fedoraproject.org/updates/FEDORA-2020-184ff81bcd
glusterfs-6.9-1.fc30
The following builds have been pushed to Fedora 30 updates-testing
gala-3.3.1-1.fc30
golang-github-tdewolff-minify-2.7.4-1.fc30
kernel-5.6.7-100.fc30
kernel-headers-5.6.7-100.fc30
kernel-tools-5.6.7-100.fc30
libxcrypt-4.4.16-3.fc30
python-molecule-3.0.2-6.fc30
python-ruffus-2.8.4-1.fc30
root-6.20.04-2.fc30
switchboard-plug-pantheon-shell-2.8.4-1.fc30
webkit2gtk3-2.28.2-1.fc30
xen-4.11.4-1.fc30
Details about builds:
================================================================================
gala-3.3.1-1.fc30 (FEDORA-2020-c2b54d5330)
Gala window manager
--------------------------------------------------------------------------------
Update Information:
Update to version 3.3.1. Release notes:
https://github.com/elementary/gala/releases/tag/3.3.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Fabio Valentini <decathorpe(a)gmail.com> - 3.3.1-1
- Update to version 3.3.1.
--------------------------------------------------------------------------------
================================================================================
golang-github-tdewolff-minify-2.7.4-1.fc30 (FEDORA-2020-6f8b0fc535)
Go minifiers for web formats
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2.7.4-1
- Update to latest version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1827843 - golang-github-tdewolff-minify-2.7.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1827843
--------------------------------------------------------------------------------
================================================================================
kernel-5.6.7-100.fc30 (FEDORA-2020-9a6ac01ec2)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.6.7 stable kernel rebase contains new features, enhanced hardware support,
and a number of important fixes across the tree. ---- The 5.5.17 stable kernel
update contains a number of important fixes across the tree. ---- The 5.5.19
stable kernel update contains a number of important fixes across the tree. ----
The 5.5.18 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 24 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.6.7-100
- Linux v5.6.7 rebase
* Tue Apr 21 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.5.19-100
- Linux v5.5.19
* Fri Apr 17 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.5.18-100
- Linux v5.5.18
* Mon Apr 13 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.5.17-100
- Linux v5.5.17
--------------------------------------------------------------------------------
================================================================================
kernel-headers-5.6.7-100.fc30 (FEDORA-2020-9a6ac01ec2)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
The 5.6.7 stable kernel rebase contains new features, enhanced hardware support,
and a number of important fixes across the tree. ---- The 5.5.17 stable kernel
update contains a number of important fixes across the tree. ---- The 5.5.19
stable kernel update contains a number of important fixes across the tree. ----
The 5.5.18 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 24 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.6.7-100
- Linux v5.6.7
* Mon Apr 13 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.5.17-100
- Linux v5.5.17
--------------------------------------------------------------------------------
================================================================================
kernel-tools-5.6.7-100.fc30 (FEDORA-2020-9a6ac01ec2)
Assortment of tools for the Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.6.7 stable kernel rebase contains new features, enhanced hardware support,
and a number of important fixes across the tree. ---- The 5.5.17 stable kernel
update contains a number of important fixes across the tree. ---- The 5.5.19
stable kernel update contains a number of important fixes across the tree. ----
The 5.5.18 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 24 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.6.7-100
- Linux v5.6.7 rebase
* Mon Apr 13 2020 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.5.17-100
- Linux v5.5.17
--------------------------------------------------------------------------------
================================================================================
libxcrypt-4.4.16-3.fc30 (FEDORA-2020-389dc1b8a4)
Extended crypt library for descrypt, md5crypt, bcrypt, and others
--------------------------------------------------------------------------------
Update Information:
- Move fipscheck hmac checksums to `%{_libdir}/fipscheck`. - Explicitly force
linking with `-Wl,-z,defs`.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 4.4.16-3
- Explicitly force linking with '-Wl,-z,defs'
* Fri Apr 24 2020 Bj��rn Esser <besser82(a)fedoraproject.org> - 4.4.16-2
- Move fipscheck hmac checksums to %{_libdir}/fipscheck
--------------------------------------------------------------------------------
================================================================================
python-molecule-3.0.2-6.fc30 (FEDORA-2020-da7af6e03f)
Molecule is designed to aid in the development and testing of Ansible roles
--------------------------------------------------------------------------------
Update Information:
update to version 3.02 fixing the majority of bugs
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 18 2020 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 3.0.2-6
- adding new dependencies
* Mon Feb 24 2020 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 3.0.2
- update to 3.0.2
* Fri Feb 21 2020 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 3.0.1
- update to 3.0.1
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.22-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Aug 26 2019 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 2.22-1
- update to 2.22
* Mon Aug 19 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 2.20.1-3
- Rebuilt for Python 3.8
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.20.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jul 1 2019 Juerg Ritter <juerg_ritter(a)bluewin.ch> - 2.20.1-1
- update to 2.20.1 and disabled dependency generator
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1653467 - python-molecule is not functional, provisioner ansible directory is
missing
https://bugzilla.redhat.com/show_bug.cgi?id=1653467
[ 2 ] Bug #1653777 - python3-molecule missing dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1653777
[ 3 ] Bug #1685311 - Cannot upgrade to F30
https://bugzilla.redhat.com/show_bug.cgi?id=1685311
[ 4 ] Bug #1697041 - python-molecule-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1697041
[ 5 ] Bug #1737364 - Unable to install python3-molecule due to dependencies version
https://bugzilla.redhat.com/show_bug.cgi?id=1737364
[ 6 ] Bug #1794279 - python-molecule fails to build in Fedora 32
https://bugzilla.redhat.com/show_bug.cgi?id=1794279
[ 7 ] Bug #1806269 - python3-molecule not installable due to missing deps on fedora 32+
https://bugzilla.redhat.com/show_bug.cgi?id=1806269
--------------------------------------------------------------------------------
================================================================================
python-ruffus-2.8.4-1.fc30 (FEDORA-2020-a34f715452)
Light-weight Python computational pipeline management
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2.8.4-1
- Update to latest version
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.8.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Oct 3 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 2.8.3-2
- Rebuilt for Python 3.8.0rc1 (#1748018)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1827806 - python-ruffus-2.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1827806
--------------------------------------------------------------------------------
================================================================================
root-6.20.04-2.fc30 (FEDORA-2020-8f0afa3c56)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
Rebuilt with gcc 9.3.1-2 to avoid runtime warnings about possible C++ standard
library mismatch,
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 10 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.20.04-2
- Replace BR qt5-devel with qt5-qtbase-devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1826537 - ROOT not rebuilt after GCC upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1826537
--------------------------------------------------------------------------------
================================================================================
switchboard-plug-pantheon-shell-2.8.4-1.fc30 (FEDORA-2020-6df300fc5d)
Switchboard Pantheon Shell plug
--------------------------------------------------------------------------------
Update Information:
Update to version 2.8.4. Release notes:
https://github.com/elementary/switchboard-plug-pantheon-shell/releases/ta...
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Fabio Valentini <decathorpe(a)gmail.com> - 2.8.4-1
- Update to version 2.8.4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1827097 - switchboard-plug-pantheon-shell-2.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1827097
--------------------------------------------------------------------------------
================================================================================
webkit2gtk3-2.28.2-1.fc30 (FEDORA-2020-bd170e803f)
GTK Web content engine library
--------------------------------------------------------------------------------
Update Information:
Update to 2.28.2: * Fix excessive CPU usage due to GdkFrameClock not being
stopped. * Fix UI process crash when EGL_WL_bind_wayland_display extension is
not available. * Fix position of select popup menus in X11. * Fix playing of
Youtube ���live stream���/H264 URLs. * Fix several crashes and rendering issues. *
Security fixes: CVE-2020-3899
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 24 2020 Michael Catanzaro <mcatanzaro(a)redhat.com> - 2.28.2-1
- Update to 2.28.2
--------------------------------------------------------------------------------
================================================================================
xen-4.11.4-1.fc30 (FEDORA-2020-cbc3149753)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
update to 4.11.4 ---- multiple xenoprof issues [XSA-313, CVE-2020-11740,
CVE-2020-11741] (#1823912, #1823914) Missing memory barriers in read-write
unlock paths [XSA-314, CVE-2020-11739] (#1823784) Bad error path in
GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926) Bad continuation
handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (#1823943)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 25 2020 Michael Young <m.a.young(a)durham.ac.uk> - 4.11.4-1
- update to 4.11.4
remove patches now fixed upstream
adjust xen.use.fedora.ipxe.patch
* Wed Apr 15 2020 Michael Young <m.a.young(a)durham.ac.uk> - 4.11.3-4
- multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741]
(#1823912, #1823914)
- Missing memory barriers in read-write unlock paths [XSA-314,
CVE-2020-11739] (#1823784)
- Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926)
- Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742]
(#1823943)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1823783 - CVE-2020-11739 xen: missing memory barriers in read-write unlock
paths (XSA-314)
https://bugzilla.redhat.com/show_bug.cgi?id=1823783
[ 2 ] Bug #1823911 - CVE-2020-11740 xen: xenoprof issue allows guest OS users without
active profiling to obtain sensitive information about other guests (XSA-313)
https://bugzilla.redhat.com/show_bug.cgi?id=1823911
[ 3 ] Bug #1823913 - CVE-2020-11741 xen: xenoprof issue allows guest OS users with
active profiling to obtain sensitive information about other guests (XSA-313)
https://bugzilla.redhat.com/show_bug.cgi?id=1823913
[ 4 ] Bug #1823925 - CVE-2020-11743 xen: bad error path in GNTTABOP_map_grant (XSA-316)
https://bugzilla.redhat.com/show_bug.cgi?id=1823925
[ 5 ] Bug #1823942 - CVE-2020-11742 xen: bad continuation handling in GNTTABOP_copy
(XSA-318)
https://bugzilla.redhat.com/show_bug.cgi?id=1823942
--------------------------------------------------------------------------------