The following Fedora 29 Security updates need testing:
Age URL
232
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa5843e0e1
asterisk-16.2.1-1.fc29
219
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c84f291592
WALinuxAgent-2.2.38-1.fc29
214
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7528388823
chicken-5.0.0-2.fc29
173
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9839aded3f
python-gnupg-0.4.4-1.fc29
169
https://bodhi.fedoraproject.org/updates/FEDORA-2019-35cb5a4785
kubernetes-1.13.5-1.fc29
107
https://bodhi.fedoraproject.org/updates/FEDORA-2019-32f7cd9b66
dosbox-0.74.3-2.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ab0c9faf9
firefox-69.0.3-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b92ce3144a
libpcap-1.9.1-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e70f89fa34
wordpress-5.2.4-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-41e28660ae
kernel-5.3.6-100.fc29 kernel-headers-5.3.6-100.fc29 kernel-tools-5.3.6-100.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-23638d42f3
mod_auth_openidc-2.4.0.3-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-72755db9c7 sudo-1.8.28-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d33c62860 jss-4.6.2-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fc95e6255c
chromium-77.0.3865.120-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-85d92df70f
tcpdump-4.9.3-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-01da705767 xpdf-4.02-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-a87aba290f
java-1.8.0-openjdk-1.8.0.232.b09-0.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-986622833f
python3-3.7.5-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4bafcdb85f
java-11-openjdk-11.0.5.10-0.fc29
The following Fedora 29 Critical Path updates have yet to be approved:
Age URL
145
https://bodhi.fedoraproject.org/updates/FEDORA-2019-06a2d1c7fb
anaconda-29.24.7-3.fc29
143
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4cefd3161a
nfs-utils-2.3.3-4.rc2.fc29
116
https://bodhi.fedoraproject.org/updates/FEDORA-2019-583d9d5a56
mutter-3.30.2-3.fc29
102
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6f13c38d0d
python-urllib3-1.24.3-2.fc29
100
https://bodhi.fedoraproject.org/updates/FEDORA-2019-62e681b68b ipset-7.2-1.fc29
32
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3bdedf56fb sssd-2.2.2-1.fc29
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b54a9b5130 rsync-3.1.3-8.fc29
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c15ad33a2a
glusterfs-5.10-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0fc03df5c7 satyr-0.29-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b92ce3144a
libpcap-1.9.1-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ab0c9faf9
firefox-69.0.3-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fc68cd365a
python-rpm-macros-3-38.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-72755db9c7 sudo-1.8.28-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-41e28660ae
kernel-5.3.6-100.fc29 kernel-headers-5.3.6-100.fc29 kernel-tools-5.3.6-100.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4fb3314f2e
vte291-0.54.5-1.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-a122d9c41c
appstream-data-29-16.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6f59a13d39
vim-8.1.2168-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-986622833f
python3-3.7.5-1.fc29
The following builds have been pushed to Fedora 29 updates-testing
archlinux-keyring-20191018-1.fc29
calcurse-4.5.1-1.fc29
gnome-shell-extension-system-monitor-applet-38-4.20191019gitf00e248.fc29
i-nex-7.6.0-10.20170703git0c10102.fc29
ibus-typing-booster-2.7.0-1.fc29
kernel-5.3.7-100.fc29
kernel-tools-5.3.7-100.fc29
plank-0.11.89-1.fc29
proftpd-1.3.6b-1.fc29
python-yara-3.11.0-2.fc29
samdump2-3.0.0-16.fc29
vdr-tvguide-1.2.14-1.fc29
Details about builds:
================================================================================
archlinux-keyring-20191018-1.fc29 (FEDORA-2019-af9b813f89)
GPG keys used by Arch distribution to sign packages
--------------------------------------------------------------------------------
Update Information:
Update to latest version. No need to log out or reboot.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2019 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 20191018-1
- New upstream release (#1747072).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1747072 - archlinux-keyring-20191018 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1747072
--------------------------------------------------------------------------------
================================================================================
calcurse-4.5.1-1.fc29 (FEDORA-2019-fbb9b21261)
Text-based personal organizer
--------------------------------------------------------------------------------
Update Information:
4.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 20 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 4.5.1-1
- 4.5.1
* Wed Jul 24 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1763358 - calcurse-4.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1763358
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-system-monitor-applet-38-4.20191019gitf00e248.fc29
(FEDORA-2019-2fb2f9e907)
A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
Updated to last upstream commits
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2019 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-4.20191019gitf00e248
- Updated to last upstream commits
- Use Gio.Subprocess for cleaner child process handling
- Updated Italian Translation
- Updated Slovak translation
- Edited gpu_usage.sh to work with glxinfo
- Included GS 3.34. Fixed formatting
- Removed duplicate css class
- Added Dutch (Netherlands) translation
- Use enums (instead of magic numbers) with GLib.file_test()
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:38-3.20190515gitfc83a73
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
i-nex-7.6.0-10.20170703git0c10102.fc29 (FEDORA-2019-b8c08c8fbc)
System information tool like hardinfo, sysinfo
--------------------------------------------------------------------------------
Update Information:
- Add %%{name}-fix-compilation.patch - Add RR gambas3-gb-jit
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2019 Martin Gansser <martinkg(a)fedoraproject.org> -
7.6.0-10.20170703git0c10102
- Add %{name}-fix-compilation.patch
- Add RR gambas3-gb-jit
* Tue Oct 8 2019 Petr Viktorin <pviktori(a)redhat.com> - 7.6.0-9.20170703git0c10102
- Remove unused dependency python2-configobj
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
7.6.0-8.20170703git0c10102
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
7.6.0-7.20170703git0c10102
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-2.7.0-1.fc29 (FEDORA-2019-4e2dde5baf)
A completion input method
--------------------------------------------------------------------------------
Update Information:
Update to 2.7.0; Add support for compose sequences
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 18 2019 Mike FABIAN <mfabian(a)redhat.com> - 2.7.0-1
- Update to 2.7.0
- Add support for compose sequences
Resolves:
https://github.com/mike-fabian/ibus-typing-booster/issues/47
Resolves:
https://github.com/mike-fabian/ibus-typing-booster/issues/36
- Test cases for compose support
- When using doctest: log to stderr and set logging level to DEBUG
- Properly close file handles when loading hunspell dictionaries
--------------------------------------------------------------------------------
================================================================================
kernel-5.3.7-100.fc29 (FEDORA-2019-1ec29947e7)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.3.7 update contains a number of important fixes across the tree
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 18 2019 Laura Abbott <labbott(a)redhat.com> - 5.3.7-100
- Linux v5.3.7
* Mon Oct 14 2019 Laura Abbott <labbott(a)redhat.com> - 5.3.6-100
- Linux v5.3.6 Rebase
- Fix disappearing cursor issue (rhbz 1738614)
* Tue Oct 8 2019 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.2.20-100
- Linux v5.2.20
* Wed Oct 2 2019 Justin M. Forbes <jforbes(a)fedoraproject.org>
- Fix CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056
(rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257)
--------------------------------------------------------------------------------
================================================================================
kernel-tools-5.3.7-100.fc29 (FEDORA-2019-1ec29947e7)
Assortment of tools for the Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.3.7 update contains a number of important fixes across the tree
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 18 2019 Laura Abbott <labbott(a)redhat.com> - 5.3.7-100
- Linux v5.3.7
* Mon Oct 14 2019 Laura Abbott <labbott(a)redhat.com> - 5.3.6-100
- Linux v5.3.6 rebase
* Tue Oct 8 2019 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.2.20-100
- Linux v5.2.20
--------------------------------------------------------------------------------
================================================================================
plank-0.11.89-1.fc29 (FEDORA-2019-7996120421)
Stupidly simple Dock
--------------------------------------------------------------------------------
Update Information:
Update to version 0.11.89. This should fix some issues and crashers. Release
notes:
https://github.com/ricotz/plank/blob/0.11.89/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 19 2019 Fabio Valentini <decathorpe(a)gmail.com> - 0.11.89-1
- Update to version 0.11.89.
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.6b-1.fc29 (FEDORA-2019-ae019c7e9f)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This is a cumulative bug-fix update from upstream, including a fix for a pre-
authentication remote denial of service issue.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 20 2019 Paul Howarth <paul(a)city-fan.org> - 1.3.6b-1
- Update to 1.3.6b
- Fixed pre-authentication remote denial-of-service issue
(
https://github.com/proftpd/proftpd/issues/846)
* Sun Oct 13 2019 Paul Howarth <paul(a)city-fan.org> - 1.3.6a-1
- Update to 1.3.6a
- Configure script wrongly detected AIX lastlog functions
(
http://bugs.proftpd.org/show_bug.cgi?id=4304)
- AllowChrootSymlinks off could cause login failures depending on filesystem
permissions (
http://bugs.proftpd.org/show_bug.cgi?id=4306)
- mod_ctrls: error: unable to bind to local socket: Address already in use
(
https://github.com/proftpd/proftpd/issues/501)
- Failed to handle multiple %{env:...} variables in single word in
configuration (
https://github.com/proftpd/proftpd/issues/507)
- mod_sftp failed to check shadow password information when publickey
authentication used (
http://bugs.proftpd.org/show_bug.cgi?id=4308)
- Use of "AllowEmptyPasswords off" broke SFTP/SCP logins
(
http://bugs.proftpd.org/show_bug.cgi?id=4309)
- Use of mod_facl as static module caused ProFTPD to die on SIGHUP/restart
(
http://bugs.proftpd.org/show_bug.cgi?id=4310)
- Use of curve25519-sha256(a)libssh.org SSH2 key exchange sometimes failed
(
https://github.com/proftpd/proftpd/issues/556)
- Close extra file descriptors at startup
(
http://bugs.proftpd.org/show_bug.cgi?id=4312)
- <Anonymous> with AuthAliasOnly in effect did not work as expected
(
http://bugs.proftpd.org/show_bug.cgi?id=4314)
- CreateHome NoRootPrivs only worked partially
(
https://github.com/proftpd/proftpd/issues/568)
- SFTP OPEN response included attribute flags that are not actually provided
(
https://github.com/proftpd/proftpd/issues/578)
- Truncation of file while being downloaded with sendfile enabled caused
timeouts due to infinite loop (
http://bugs.proftpd.org/show_bug.cgi?id=4318)
- FTP uploads frequently broke due to "Interrupted system call" error
(
http://bugs.proftpd.org/show_bug.cgi?id=4319)
- Site-to-site transfers over TLS failed
(
https://github.com/proftpd/proftpd/issues/618)
- Can't see symlinks using any FTP client when using MLSD
(
http://bugs.proftpd.org/show_bug.cgi?id=4322)
- mod_tls 1.3.6 failed to compile using OpenSSL 0.9.8e
(
http://bugs.proftpd.org/show_bug.cgi?id=4325)
- Using MaxClientsPerHost 1 in <Anonymous> section denied logins
(
http://bugs.proftpd.org/show_bug.cgi?id=4326)
- SQLNamedConnectInfo with different backend database did not work properly
(
https://github.com/proftpd/proftpd/issues/642)
- Segfault with mod_sftp+mod_sftp_pam after successful authentication using
keyboard-interactive method (
https://github.com/proftpd/proftpd/issues/656)
- autoconf always failed to detect support for FIPS
(
https://github.com/proftpd/proftpd/issues/660)
- SFTP connections failed when using "arcfour256" cipher
(
https://github.com/proftpd/proftpd/issues/663)
- mod_auth_otp failed to build with OpenSSL 1.1.x
(
http://bugs.proftpd.org/show_bug.cgi?id=4335)
- scp broken on FreeBSD 11 (
http://bugs.proftpd.org/show_bug.cgi?id=4341)
- Update mod_sftp to handle changed APIs in OpenSSL 1.1.x releases
(
https://github.com/proftpd/proftpd/issues/674)
- Infinite loop possible in mod_sftp's set_sftphostkey() function
(
http://bugs.proftpd.org/show_bug.cgi?id=4356)
- Some ASCII text files corrupted when downloading
(
http://bugs.proftpd.org/show_bug.cgi?id=4352)
- Properly use the --includedir, --libdir configure variables in the
generated proftpd.pc pkgconfig file
(
https://github.com/proftpd/proftpd/issues/797)
- Reading invalid SSH key from database resulted in unexpected/unlogged
disconnect failures (
http://bugs.proftpd.org/show_bug.cgi?id=4350)
- Symlink navigation broken after 1.3.6 update
(
http://bugs.proftpd.org/show_bug.cgi?id=4332)
- Unable to connect to ProFTPD using TLSSessionTickets and TLSv1.3
(
https://github.com/proftpd/proftpd/issues/795)
- SITE CPFR/CPTO did not honor <Limit> configurations
(
http://bugs.proftpd.org/show_bug.cgi?id=4372)
- Using "TLSProtocol SSLv23" did not enable all protocol versions
(
https://github.com/proftpd/proftpd/issues/807)
--------------------------------------------------------------------------------
================================================================================
python-yara-3.11.0-2.fc29 (FEDORA-2019-344d5c173e)
Python binding for the YARA pattern matching tool
--------------------------------------------------------------------------------
Update Information:
update python-yara to 3.11.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 14 2019 Michal Ambroz <rebus at, seznam.cz> - 3.11.0-2
- fix the release number
* Mon Oct 14 2019 Michal Ambroz <rebus at, seznam.cz> - 3.11.0-1
- bump to 3.11.0, omit py2 for f30+ and epel8+
* Mon Aug 19 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 3.9.0-2.2
- Rebuilt for Python 3.8
* Fri Jul 26 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.9.0-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Mar 22 2019 Michal Ambroz <rebus at, seznam.cz> - 3.9.0-2
- change dependency to sphinx based on the /usr/bin/sphinx-build
* Mon Mar 18 2019 Michal Ambroz <rebus at, seznam.cz> - 3.9.0-1
- bump to 3.9.0
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.8.1-3.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Oct 12 2018 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 3.8.1-3
- Python2 binary package has been removed
See
https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1680204 - python-yara-3.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1680204
--------------------------------------------------------------------------------
================================================================================
samdump2-3.0.0-16.fc29 (FEDORA-2019-565ab2befb)
Retrieves syskey and extracts hashes from Windows 2k/NT/XP/Vista SAM
--------------------------------------------------------------------------------
Update Information:
fix samdump2 build dependencies, move to modern openssl
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 20 2019 Michal Ambroz <rebus AT seznam.cz> - 3.0.0-16
- patch from legacy to modern openssl version, add build requirement to gcc
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.0-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.0-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1606295 - samdump2: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1606295
--------------------------------------------------------------------------------
================================================================================
vdr-tvguide-1.2.14-1.fc29 (FEDORA-2019-237fd3ba3e)
TvGuide is a highly customizable 2D EPG viewer plugin
--------------------------------------------------------------------------------
Update Information:
Update to vdr-tvguide-1.2.14 ---- Update to 1.2.13-1 ---- Update to vdr-
tvguide-1.2.12-1
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 20 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 1.2.14-1
- Update to 1.2.14
* Tue Oct 15 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 1.2.13-1
- Update to 1.2.13
* Mon Oct 14 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 1.2.12-1
- Update to 1.2.12
--------------------------------------------------------------------------------