The following Fedora 33 Security updates need testing:
Age URL
91
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-01f851ab8d
seamonkey-2.53.8-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6422a16aed
mingw-djvulibre-3.5.28-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a5b584004c
linuxptp-3.1.1-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ca58c57bdf
chromium-91.0.4472.114-2.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
109
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
44
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33
libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-31b3bb27dc
mtools-4.0.31-1.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0f36063660
appstream-data-33-3.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3b341e9e71
selinux-policy-3.14.6-39.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-25b3e62f7d koji-1.25.1-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e0aedafbc9
coreutils-8.32-21.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-47368106b3
hwdata-0.349-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-fe782f6705
libbytesize-2.6-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-de131565a6
ethtool-5.13-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c09b022e8f dracut-055-3.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-abcaa79b71
libmodulemd-2.13.0-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a3a4b02149
kernel-5.12.15-200.fc33
The following builds have been pushed to Fedora 33 updates-testing
ansible-collection-community-general-3.3.2-1.fc33
doctest-2.4.6-3.fc33
python-libnacl-1.7.2-3.fc33
python-nashpy-0.0.24-2.fc33
tuned-switcher-0.4.0-1.fc33
unrealircd-5.2.1-1.fc33
xrootd-5.3.0-1.fc33
Details about builds:
================================================================================
ansible-collection-community-general-3.3.2-1.fc33 (FEDORA-2021-7a64e66d57)
Modules and plugins supported by Ansible community
--------------------------------------------------------------------------------
Update Information:
Update to 3.3.2 with a number of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 10 2021 Kevin Fenzi <kevin(a)scrye.com> - 3.3.2-1
- Update to 3.3.2. Fixes rhbz#1977438
* Tue Jun 8 2021 Kevin Fenzi <kevin(a)scrye.com> - 3.2.0-1
- Update to 3.2.0. Fixes rhbz#1969570
--------------------------------------------------------------------------------
================================================================================
doctest-2.4.6-3.fc33 (FEDORA-2021-1fd73ac635)
Feature-rich header-only C++ testing framework
--------------------------------------------------------------------------------
Update Information:
Addresses FTBFS
https://bugzilla.redhat.com/show_bug.cgi?id=1981037
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 10 2021 Nick Black <dankamongmen(a)gmail.com> - 2.4.6-3
- Patch out -Werror to remedy FTBFS
* Sat Jun 26 2021 Nick Black <dankamongmen(a)gmail.com> - 2.4.6-1
- New upstream release
* Sun Jun 20 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 2.4.5-3
- The virtual Provides for doctest-static is no longer arched
* Thu Feb 18 2021 Nick Black <dankamongmen(a)gmail.com> - 2.4.5-2
- Add my patch to work around recent libc blues
--------------------------------------------------------------------------------
================================================================================
python-libnacl-1.7.2-3.fc33 (FEDORA-2021-a314f6cb2f)
Python bindings for libsodium based on ctypes
--------------------------------------------------------------------------------
Update Information:
(#1820150) Fix for TestRandomBytes.test_crypto_kdf_derive_from_key fails on
32-bit x86
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 S��rgio Basto <sergio(a)serjux.com> - 1.7.2-3
- (#1820150) Fix for TestRandomBytes.test_crypto_kdf_derive_from_key fails on
32-bit x86
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Nov 4 2020 Jonny Heggheim <hegjon(a)gmail.com> - 1.7.2-1
- Updated to version 1.7.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1820150 - crypto_kdf_derive_from_key segfaults on ARM
https://bugzilla.redhat.com/show_bug.cgi?id=1820150
--------------------------------------------------------------------------------
================================================================================
python-nashpy-0.0.24-2.fc33 (FEDORA-2021-20f87b94de)
A library to compute equilibria of 2 player normal form games
--------------------------------------------------------------------------------
Update Information:
Update to the latest release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 10 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.0.24-2
- Disable building docs (dependencies not satisfied)
* Fri Jul 9 2021 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.0.24-1
- Update to the latest version
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 0.0.23-3
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1979967 - python-nashpy-0.0.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1979967
--------------------------------------------------------------------------------
================================================================================
tuned-switcher-0.4.0-1.fc33 (FEDORA-2021-718219ab1f)
Simple utility to manipulate the Tuned service
--------------------------------------------------------------------------------
Update Information:
New ====== * Added manpage. * Improved GUI widget UX: * Removed Apply button.
The selected profile will be applied automatically. * The widget can be closed
by pressing Esc button. * Updated taskbar icon and fixed scaling issues. *
Implemented native DBus notifications both for applet and widget. Changes
============ * Performed code optimizations. * Reordered C++ headers. * Reduced
the number of QString allocations.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jul 10 2021 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.0-1
- Updated to version 0.4.0.
--------------------------------------------------------------------------------
================================================================================
unrealircd-5.2.1-1.fc33 (FEDORA-2021-e431852643)
Open Source IRC server
--------------------------------------------------------------------------------
Update Information:
UnrealIRCd 5.2.1 ================ Enhancements ------------ * The allow
block now uses `allow::mask` instead of `allow::ip` and `allow::hostname`. Users
upgrading will receive a warning but the server will continue to boot. * New
documentation for mask items in the configuration file to show how it works with
1 or more mask items in a block. Also support for negative matching has been
improved and we now support extended server ban syntax. * Combining the new
options from above you can do things like: * `allow { mask ~a:TrustedUser;
class flooders; maxperip 100; }` If TrustedUser authenticates to services using
SASL then he gets in the special class "flooders" with a maxperip of 100. *
`allow { mask { ~S:112233etc; ~S:anotherone; }; class clients; maxperip 10; }`
Users matching one of these certificate fingerprints get a high maximum per ip
of 10. * New block `set::server-linking` * For link blocks with
autoconnect we now default to the strategy 'sequential', meaning we will try the
1st link block first, then the 2nd, then the 3rd, then the 1st again, etc. *
We now have different and lower timeouts for the connect and the handshake. So
we give up a bit more early on servers that are currently down or extremely
lagged. * New security-group block item called `include-mask`. This can be
used to put clients matching a mask into a security group. * New option `lag-
penalty` and `lag-penalty-bytes` in the `set::anti-flood` block. * known-
users can now executes commands at a slightly faster rate than unknown-users.
* It can further be used to allow really trusted users/bots to execute commands
at even higher rates, such as 20 commands per second, without making them IRCOp.
This explained in FAQ: How to allow users to send more commands per second. *
The `REHASH` command is now sufficient to reload SSL/TLS certificates. You no
longer need to use `REHASH -tls`. The same is true for `unrealircdctl rehash`
which now also does the extra steps in `unrealircdctl reloadtls`. The commands
will stay, though, in case you only want to reload the TLS certificates and not
rehash the entire configuration file. * Support for OpenSSL 3.0.0 * Show
microseconds in `TSCTL ALLTIME` * The git version id is now shown in the
`INFO` command on *NIX (ReleaseId). * Extban `~a:*` now matches all
authenticated users and `~a:0` matches all unauthenticated users. * Allow
multiple masks in the `deny link { }` block Fixes ----- * When using
persistent channel history: if you had ANY rehash error (often completely
unrelated to channel history) and you then rehashed again UnrealIRCd would
crash. * When server syncing larger channels we could accidentally skip over
or forget to send a few users. These users would then not be shown on the other
side of the link but are actually in the channel (ghosts) * When using
autoconnect on (very) big networks, the network no longer breaks down (with the
new default strategy 'sequential') * The default ban exemption on `127.*` was
too broad. It also matched hostnames that started with it, allowing such users
to bypass gline/kline/shun (but not zline/gzline). * Channel mode `+d` (so
after `-D`) never took QUITs into account properly. This should now fix things,
so the channel goes `-d` immediately once it is no longer needed. * Give a
better error message when trying to use an unconfirmed account with authprompt.
Module coders / IRC protocol ---------------------------- * We now assume all
services set the SVID field. If your services only sets umode `+r` and does not
use `SVSLOGIN` or `SVSMODE nick +d SVID` then users will not be recognized as
authenticated anymore. * In the `UID` command we now validate the UID
(parameter 6) to start with the SID and contains digits and uppercase only. *
Servers can no longer change moddata of remote clients. That is, it is disabled
by default, but modules can still allow it for certain moddata via
`mreq.remote_write=1`. You can use `#if UNREAL_VERSION_TIME >= 202125` to detect
if this new `.remote_write` option is available. * Removed `HCN` from 005,
since nobody uses this anyway.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 9 2021 Robert Scheck <robert(a)fedoraproject.org> 5.2.1-1
- Upgrade to 5.2.1 (#1978927)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1978927 - unrealircd-5.2.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1978927
--------------------------------------------------------------------------------
================================================================================
xrootd-5.3.0-1.fc33 (FEDORA-2021-1fdd006599)
Extended ROOT file server
--------------------------------------------------------------------------------
Update Information:
xrootd 53.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 9 2021 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 1:5.3.0-1
- Update to version 5.3.0
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1:5.2.0-2
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------