The following Fedora 34 Security updates need testing:
Age URL
89
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6aba96e1b8
radare2-5.6.4-1.fc34
41
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ebd42ce1c
thunderbird-91.9.1-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-14f7b1a698
logrotate-3.18.0-5.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-21c312c05b
dotnet3.1-3.1.419-1.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
419
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
141
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3b891fe11 gdb-11.1-7.fc34
89
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f3103b973
hwdata-0.357-1.fc34
70
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dab75a01b8
gnome-shell-40.10-1.fc34 gnome-shell-extensions-40.7-1.fc34 mutter-40.10-1.fc34
56
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb1d10aba3 libldb-2.3.3-1.fc34
samba-4.14.13-0.fc34
41
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1180dadb39
ansible-packaging-1-5.fc34 redhat-rpm-config-184-1.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-45ea77ca58
python3-docs-3.9.13-1.fc34 python3.9-3.9.13-1.fc34
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4bb6cff5a1
libdv-1.0.0-36.fc34
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ebd42ce1c
thunderbird-91.9.1-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-14f7b1a698
logrotate-3.18.0-5.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d46bf7581b
gnutls-3.7.6-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-08ae4c7a52 koji-1.29.0-1.fc34
The following builds have been pushed to Fedora 34 updates-testing
cups-2.3.3op2-18.fc34
gscan2pdf-2.12.7-1.fc34
kernel-5.17.12-100.fc34
openvpn-2.5.7-1.fc34
perl-Devel-REPL-1.003029-1.fc34
perl-Number-Tolerant-1.709-1.fc34
python-niaarm-0.2.0-1.fc34
umockdev-0.17.13-1.fc34
vim-8.2.5046-1.fc34
Details about builds:
================================================================================
cups-2.3.3op2-18.fc34 (FEDORA-2022-97b4ae7fb4)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-26691
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 31 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.3.3op2-18
- CVE-2022-26691 cups: authorization bypass when using "local" authorization
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2084321 - CVE-2022-26691 cups: authorization bypass when using
"local" authorization
https://bugzilla.redhat.com/show_bug.cgi?id=2084321
--------------------------------------------------------------------------------
================================================================================
gscan2pdf-2.12.7-1.fc34 (FEDORA-2022-a332112769)
GUI for producing a multipage PDF from a scan
--------------------------------------------------------------------------------
Update Information:
This release fixes restoring a user-defined tool on a scan dialogue. It also
updates a Ukrainian translation.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 31 2022 Petr Pisar <ppisar(a)redhat.com> - 2.12.7-1
- 2.12.7 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2091405 - gscan2pdf-2.12.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2091405
--------------------------------------------------------------------------------
================================================================================
kernel-5.17.12-100.fc34 (FEDORA-2022-ef8c8a5925)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.17.12 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 30 2022 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.17.12-0]
- Revert "crypto: rng - Override drivers/char/random in FIPS mode" (Justin M.
Forbes)
- Revert "random: Add hook to override device reads and getrandom(2)" (Justin M.
Forbes)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2090723 - CVE-2022-1789 kernel: x86/kvm: NULL pointer dereference in
kvm_mmu_invpcid_gva
https://bugzilla.redhat.com/show_bug.cgi?id=2090723
--------------------------------------------------------------------------------
================================================================================
openvpn-2.5.7-1.fc34 (FEDORA-2022-c1123ef770)
A full-featured TLS VPN solution
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream OpenVPN 2.5.7. This release can resolve connectivity
issues after upgrading to Fedora 36, which ships with OpenSSL 3. Use these
options: `--tls-cert-profile insecure` and `--providers legacy default` if you
experience connectivity issues. More details:
https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 31 2022 David Sommerseth <davids(a)openvpn.net> - 2.5.7-1
- Update to upstream OpenVPN 2.5.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2087181 - OpenVPN Connection stopped working after upgrade to F36
https://bugzilla.redhat.com/show_bug.cgi?id=2087181
[ 2 ] Bug #2091980 - openvpn-2.5.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2091980
--------------------------------------------------------------------------------
================================================================================
perl-Devel-REPL-1.003029-1.fc34 (FEDORA-2022-3582e42bde)
Modern perl interactive shell
--------------------------------------------------------------------------------
Update Information:
This release improves a documentation and removes a dependency on File::HomeDir
module.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 30 2022 Petr Pisar <ppisar(a)redhat.com> - 1.003029-1
- 1.003029 bump
- Package the tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2091242 - perl-Devel-REPL-1.003029 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2091242
--------------------------------------------------------------------------------
================================================================================
perl-Number-Tolerant-1.709-1.fc34 (FEDORA-2022-6242cfa086)
Tolerance ranges for inexact numbers
--------------------------------------------------------------------------------
Update Information:
This release updates a documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 30 2022 Petr Pisar <ppisar(a)redhat.com> - 1.709-1
- 1.709 bump
- Package the tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2091432 - perl-Number-Tolerant-1.709 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2091432
--------------------------------------------------------------------------------
================================================================================
python-niaarm-0.2.0-1.fc34 (FEDORA-2022-2e36816ced)
A minimalistic framework for numerical association rule mining
--------------------------------------------------------------------------------
Update Information:
Upgrade to 0.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 30 2022 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.2.0-1
- Upgrade to 0.2.0
--------------------------------------------------------------------------------
================================================================================
umockdev-0.17.13-1.fc34 (FEDORA-2022-3e54cb9c2a)
Mock hardware devices
--------------------------------------------------------------------------------
Update Information:
New upstream release: 0.17.13
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 30 2022 Packit <hello(a)packit.dev> - 0.17.13-1
- preload: Wrap fstatfs(), to work with systemd 251 also with Python tests
- Fix tests in Gentoo sandbox build
--------------------------------------------------------------------------------
================================================================================
vim-8.2.5046-1.fc34 (FEDORA-2022-d94440bf0e)
The VIM editor
--------------------------------------------------------------------------------
Update Information:
Security fixes for CVE-2022-1851, CVE-2022-1898, CVE-2022-1897, CVE-2022-1927
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 31 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.5046-1
- patchlevel 5046
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2091676 - CVE-2022-1851 vim: out-of-bounds read in gchar_cursor() in misc1.c
https://bugzilla.redhat.com/show_bug.cgi?id=2091676
[ 2 ] Bug #2091679 - CVE-2022-1898 vim: use-after-free in find_pattern_in_path() in
search.c
https://bugzilla.redhat.com/show_bug.cgi?id=2091679
[ 3 ] Bug #2091682 - CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in
regexp.c
https://bugzilla.redhat.com/show_bug.cgi?id=2091682
[ 4 ] Bug #2091687 - CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c
https://bugzilla.redhat.com/show_bug.cgi?id=2091687
--------------------------------------------------------------------------------