The following Fedora 33 Security updates need testing:
Age URL
164
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e7c8ba6301
ntfs-3g-2021.8.22-2.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9fb6da134f
squashfs-tools-4.5-3.20210913gite048580.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b349650e52
gifsicle-1.93-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-be0a93fb15
ghostscript-9.54.0-2.1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9998719311
fetchmail-6.4.22-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-fc96a3a749
curl-7.71.1-11.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c1fef03e71
python-rsa-4.7.2-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-edf6957b7d
webkit2gtk3-2.32.4-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-55198e6804 iaito-5.3.1-3.fc33
radare2-5.4.0-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-87578dca12
ckeditor-4.16.2-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-34760089da
python2.7-2.7.18-15.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
183
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
118
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33
libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
34
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ccf3840ed
gnome-shell-3.38.6-1.fc33 mutter-3.38.6-1.fc33
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e7c8ba6301
ntfs-3g-2021.8.22-2.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b23a9bea6a
ethtool-5.14-1.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b45ccbe1a6
libmodulemd-2.13.0-2.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9fb6da134f
squashfs-tools-4.5-3.20210913gite048580.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-90604978ab pungi-4.3.0-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-fd41bb269a
createrepo_c-0.17.5-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2234494a2d
appstream-data-33-4.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-fc96a3a749
curl-7.71.1-11.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-edf6957b7d
webkit2gtk3-2.32.4-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e2e8b29ae7
libxcrypt-4.4.26-2.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-31db2a6200
openssl-1.1.1l-2.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-205a6ce5ea
kernel-5.13.19-100.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e63926a1bb
btrfs-progs-5.14.1-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
charliecloud-0.25-1.fc33
cppzmq-4.8.1-1.fc33
flatpak-1.10.3-1.fc33
flatpak-builder-1.0.14-1.fc33
libspf2-1.2.11-1.20210922git4915c308.fc33
libssh-0.9.6-1.fc33
mozilla-ublock-origin-1.38.0-1.fc33
php-nikic-php-parser4-4.13.0-1.fc33
php-phpunit-php-code-coverage9-9.2.7-1.fc33
php-twig-1.44.5-1.fc33
php-twig2-2.14.7-1.fc33
php-twig3-3.3.3-1.fc33
polybar-3.5.7-1.fc33
python-dask-2021.9.1-1.fc33~bootstrap
python-flask-restx-0.2.0-4.fc33
python-iso3166-2.0.2-1.fc33
samba-4.13.12-0.fc33
wireguard-tools-1.0.20210914-1.fc33
wireshark-3.4.8-2.fc33
Details about builds:
================================================================================
charliecloud-0.25-1.fc33 (FEDORA-2021-440dc6ce92)
Lightweight user-defined software stacks for high-performance computing
--------------------------------------------------------------------------------
Update Information:
New version. Bundle working lark-parser.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2021 Jordan Ogas <jogas(a)lanl.gov 0.25-1
- bundle python lark parser
- new version
--------------------------------------------------------------------------------
================================================================================
cppzmq-4.8.1-1.fc33 (FEDORA-2021-cb8a170fc9)
Header-only C++ binding for libzmq
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> 4.8.1-1
- Update to latest version (#2005750)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2005750 - cppzmq-4.8.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2005750
--------------------------------------------------------------------------------
================================================================================
flatpak-1.10.3-1.fc33 (FEDORA-2021-b5e7522780)
Application deployment framework for desktop apps
--------------------------------------------------------------------------------
Update Information:
Update to 1.10.3
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Debarshi Ray <rishi(a)fedoraproject.org> - 1.10.3-1
- Update to 1.10.3
--------------------------------------------------------------------------------
================================================================================
flatpak-builder-1.0.14-1.fc33 (FEDORA-2021-70e594f5ef)
Tool to build flatpaks from source
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.14
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Debarshi Ray <rishi(a)fedoraproject.org> - 1.0.14-1
- Update to 1.0.14
--------------------------------------------------------------------------------
================================================================================
libspf2-1.2.11-1.20210922git4915c308.fc33 (FEDORA-2021-044be3d54e)
An implementation of the SPF specification
--------------------------------------------------------------------------------
Update Information:
Update to latest in git.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Bojan Smojver <bojan(a)rexursive.com> -
1.2.11-1.20210922git4915c308
- Build latest upstream git HEAD
- CVE-2021-20314
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-30.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri May 21 2021 Jitka Plesnikova <jplesnik(a)redhat.com> -
1.2.10-29.20150405gitd57d79fd
- Perl 5.34 rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.2.10-28.20150405gitd57d79fd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1993071 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF
explanation macros [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1993071
[ 2 ] Bug #1993072 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF
explanation macros [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1993072
--------------------------------------------------------------------------------
================================================================================
libssh-0.9.6-1.fc33 (FEDORA-2021-f2a020a065)
A library implementing the SSH protocol
--------------------------------------------------------------------------------
Update Information:
Rebase to libssh-0.9.6 Fix CVE-2021-3634
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 13 2021 Norbert Pocs <npocs(a)redhat.com> - 0.9.6-1
- Fix CVE-CVE-2021-3634 libssh: possible heap-based buffer
overflow when rekeying
- Resolves: rhbz#1994600
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1998135 - CVE-2021-3634 libssh: possible heap-based buffer overflow when
rekeying [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1998135
[ 2 ] Bug #1998163 - libssh-0.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1998163
--------------------------------------------------------------------------------
================================================================================
mozilla-ublock-origin-1.38.0-1.fc33 (FEDORA-2021-210b391666)
An efficient blocker for Firefox
--------------------------------------------------------------------------------
Update Information:
New cosmetic procedural operator, `:matches-path(...)`. See ["Add $path modifier
of Adguard or any equivalents of
this"](https://github.com/uBlockOrigin/uBlock-
issues/issues/1690). The setting *"Prevent WebRTC from leaking local IP
addresses"* has been removed since it is no longer necessary in modern browsers,
except for Firefox for Android where the issue is still present. Closed as
fixed, notable changes: * $removeparam doesn't work well with UrlEncoded gb2312
Chinese word * Scriptlets don't work randomly in Firefox * Security: comments
can be used to smuggle url() functions into css values * Prevent uBO from hiding
html or body when matched by a generic cosmetic filter * Add $path modifier of
Adguard or any equivalents of this * The overview panel will not show everything
if the uBO's icon is placed in the Firefox overflow menu * [patch by @vtriolet]
TypeError in noscript-spoof scriptlet with invalid meta refresh URL * TypeError
when trying to use element picker on plaintext resource * Split out core
functionality into separate module * Better lookup all elements under mouse
cursor in element picker * Add visual hint to grab area of element picker dialog
* Add no-xhr-if scriptlet * Refactor hntrie to avoid the need for boundary cells
* Fix bad test in WASM version of HNTrieContainer * Export the rule-based
filtering engines to the nodejs package * Rewrite logical expressions for ESLint
* [patch by @mjethani] Add Makefile * [patch by @mjethani] Make uAssets a
submodule * Ensure compiled sections are ordered in ascending id * Fix handling
of some procedural cosmetic filters with explicit `:scope`
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Dominik Mierzejewski <rpm(a)greysector.net> - 1.38.0-1
- update to 1.38.0 (#2005514)
- drop obsolete patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2005514 - mozilla-ublock-origin-1.38.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2005514
--------------------------------------------------------------------------------
================================================================================
php-nikic-php-parser4-4.13.0-1.fc33 (FEDORA-2021-b6519b02fe)
A PHP parser written in PHP - version 4
--------------------------------------------------------------------------------
Update Information:
**Version 4.13.0** (2021-09-20) Added * [PHP 8.1] Added support for
intersection types using a new `IntersectionType` node. Additionally a
`ComplexType` parent class for `NullableType`, `UnionType` and
`IntersectionType` has been added. * [PHP 8.1] Added support for explicit
octal literals. * [PHP 8.1] Added support for first-class callables. These are
represented using a call whose first argument is a `VariadicPlaceholder`. The
representation is intended to be forward-compatible with partial function
application, just like the PHP feature itself. Call nodes now extend from
`Expr\CallLike`, which provides an `isFirstClassCallable()` method to determine
whether a placeholder id present. `getArgs()` can be used to assert that the
call is not a first-class callable and returns `Arg[]` rather than
`array<Arg|VariadicPlaceholder>`. Fixed * Multiple modifiers for promoted
properties are now accepted. In particular this allows something like `public
readonly` for promoted properties. * Formatting-preserving pretty printing for
comments in array literals has been fixed.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Remi Collet <remi(a)remirepo.net> - 4.13.0-1
- update to 4.13.0
--------------------------------------------------------------------------------
================================================================================
php-phpunit-php-code-coverage9-9.2.7-1.fc33 (FEDORA-2021-d4faa303c9)
PHP code coverage information
--------------------------------------------------------------------------------
Update Information:
**Version 9.2.7** - 2021-09-17 Fixed *
[#860](https://github.com/sebastianbergmann/php-code-coverage/pull/860): Empty
value for `XDEBUG_MODE` environment variable is not handled correctly
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Remi Collet <remi(a)remirepo.net> - 9.2.7-1
- update to 9.2.7
- raise dependency on nikic/php-parser 4.12.0
--------------------------------------------------------------------------------
================================================================================
php-twig-1.44.5-1.fc33 (FEDORA-2021-3de7a5e1e2)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.44.5** (2021-09-17) * Improve compatibility with PHP 8.1 *
Explicitly specify the encoding for mb_ord in JS escaper
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Remi Collet <remi(a)remirepo.net> - 1.44.5-1
- update to 1.44.5
- add patch for test suite from
https://github.com/twigphp/Twig/pull/3563
* Tue Jul 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.44.4-2
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-twig2-2.14.7-1.fc33 (FEDORA-2021-8e2a1b3011)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.14.7** (2021-09-17) * Allow Symfony 6 * Improve compatibility with
PHP 8.1 * Explicitly specify the encoding for mb_ord in JS escaper
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Remi Collet <remi(a)remirepo.net> - 2.14.7-1
- update to 2.14.7
--------------------------------------------------------------------------------
================================================================================
php-twig3-3.3.3-1.fc33 (FEDORA-2021-86e7d4504e)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.14.7** (2021-09-17) * Allow Symfony 6 * Improve compatibility with
PHP 8.1 * Explicitly specify the encoding for mb_ord in JS escaper
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Remi Collet <remi(a)remirepo.net> - 3.3.3-1
- update to 3.3.3
--------------------------------------------------------------------------------
================================================================================
polybar-3.5.7-1.fc33 (FEDORA-2021-e633938cfa)
Fast and easy-to-use status bar
--------------------------------------------------------------------------------
Update Information:
Update to 3.5.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.5.7-1
- build(update): 3.5.7
--------------------------------------------------------------------------------
================================================================================
python-dask-2021.9.1-1.fc33~bootstrap (FEDORA-2021-99e3124daf)
Parallel PyData with Task Scheduling
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> 2021.9.1-1
- Update to latest version (#2006577)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2006577 - python-dask-2021.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2006577
--------------------------------------------------------------------------------
================================================================================
python-flask-restx-0.2.0-4.fc33 (FEDORA-2021-67b7695f95)
Framework for fast, easy and documented API development with Flask
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-32838
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Jiri Popelka <jpopelka(a)redhat.com> - 0.2.0-4
- optimize email regex
- Fixes rhbz#2006119
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2006118 - CVE-2021-32838 python-flask-restx: Regular expression denial of
service in email_regex
https://bugzilla.redhat.com/show_bug.cgi?id=2006118
--------------------------------------------------------------------------------
================================================================================
python-iso3166-2.0.2-1.fc33 (FEDORA-2021-de6e1c2f56)
Self-contained ISO 3166-1 country definitions
--------------------------------------------------------------------------------
Update Information:
Type hint support ---- This update provides the latest release of the python-
iso3166 Python module.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
* Mon Sep 20 2021 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 2.0.1-1
- Update to 2.0.1
* Tue Oct 6 2020 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 1.0.1-5
- Add BuildRequires on python3-setuptools
- Spec cleanup
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2004396 - python-iso3166-2.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2004396
[ 2 ] Bug #2006151 - python-iso3166-2.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2006151
--------------------------------------------------------------------------------
================================================================================
samba-4.13.12-0.fc33 (FEDORA-2021-8b2257fc8f)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.13.12
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Guenther Deschner <gdeschner(a)redhat.com> - 4.13.12-0
- Update to Samba 4.13.12
--------------------------------------------------------------------------------
================================================================================
wireguard-tools-1.0.20210914-1.fc33 (FEDORA-2021-80042b46d8)
Fast, modern, secure VPN tunnel
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.20210914
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2021 Joe Doss <joe(a)solidadmin.com> - 1.0.20210914-1
- contrib/launchd: fix xml syntax error
- wg-quick: darwin: account for "link#XX" gateways
- ipc: add wireguard-nt support
- ipc: cache windows lookups to avoid O(n^2) with nested lookups
- ipc: remove windows elevation
- ipc: windows: don't display disabled adapters
- ipc: windows: use devpkey instead of nci for name
- wg-quick: android: adjust for android 12
- wg-quick: openbsd: set DNS with resolvd(8)
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.20210424-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2003848 - wireguard-tools-1.0.20210914 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2003848
--------------------------------------------------------------------------------
================================================================================
wireshark-3.4.8-2.fc33 (FEDORA-2021-602fa6a595)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
Use system sysusers config to create groups
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 22 2021 Michal Ruprich <mruprich(a)redhat.com> - 1:3.4.8-2
- Use system sysusers config to create groups
--------------------------------------------------------------------------------