The following Fedora 29 Security updates need testing: Age URL 262 https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa5843e0e1 asterisk-16.2.1-1.fc29 248 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c84f291592 WALinuxAgent-2.2.38-1.fc29 243 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7528388823 chicken-5.0.0-2.fc29 203 https://bodhi.fedoraproject.org/updates/FEDORA-2019-9839aded3f python-gnupg-0.4.4-1.fc29 199 https://bodhi.fedoraproject.org/updates/FEDORA-2019-35cb5a4785 kubernetes-1.13.5-1.fc29 137 https://bodhi.fedoraproject.org/updates/FEDORA-2019-32f7cd9b66 dosbox-0.74.3-2.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bf8b97d604 koji-1.19.1-1.fc29 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1a16af2158 thunderbird-68.2.2-1.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a931c8eec oniguruma-6.9.1-3.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-941d57ed72 thunderbird-enigmail-2.1.3-4.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-52445dce42 rubygem-rubyzip-1.1.7-10.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6dd4da1ba5 chromium-78.0.3904.97-1.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7debdd1807 ghostscript-9.27-2.fc29 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c5628ced32 libidn2-2.3.0-1.fc29 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-28d3cd20c0 mingw-libidn2-2.3.0-1.fc29 The following Fedora 29 Critical Path updates have yet to be approved: Age URL 174 https://bodhi.fedoraproject.org/updates/FEDORA-2019-06a2d1c7fb anaconda-29.24.7-3.fc29 172 https://bodhi.fedoraproject.org/updates/FEDORA-2019-4cefd3161a nfs-utils-2.3.3-4.rc2.fc29 146 https://bodhi.fedoraproject.org/updates/FEDORA-2019-583d9d5a56 mutter-3.30.2-3.fc29 132 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6f13c38d0d python-urllib3-1.24.3-2.fc29 129 https://bodhi.fedoraproject.org/updates/FEDORA-2019-62e681b68b ipset-7.2-1.fc29 24 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3bdedf56fb sssd-2.2.2-3.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bf8b97d604 koji-1.19.1-1.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-46ca6c1f90 libosinfo-1.2.0-9.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-5caa3975e6 osinfo-db-20191108-1.fc29 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1a16af2158 thunderbird-68.2.2-1.fc29 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c974c4e2a satyr-0.29-2.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8d7fa47fd5 python-pip-18.1-2.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-14dc54e0d6 firefox-70.0.1-4.fc29 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c5628ced32 libidn2-2.3.0-1.fc29 The following builds have been pushed to Fedora 29 updates-testing libarchive-3.3.3-7.fc29 microcode_ctl-2.1-34.fc29 nordugrid-arc-nagios-plugins-2.0.0-1.fc29 pcre2-10.33-16.fc29 perl-DateTime-TimeZone-2.38-1.fc29 python-pycryptodomex-3.9.3-1.fc29 vdr-epg2vdr-1.1.101-2.fc29 whois-5.5.3-1.fc29 Details about builds: ================================================================================ libarchive-3.3.3-7.fc29 (FEDORA-2019-fd2a963f4b) A library for handling streaming archive formats -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2019-18408 RAR reader: fix use after free If read_data_compressed() returns ARCHIVE_FAILED, the caller is allowed to continue with next archive headers. We need to set rar->start_new_table after the ppmd7_context got freed, otherwise it won't be allocated again. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Ondrej Dubaj <odubaj@xxxxxxxxxx> - 3.3.3-7 - fixed use after free in rar (#1769980) - fixed zstd test -------------------------------------------------------------------------------- References: [ 1 ] Bug #1769980 - CVE-2019-18408 libarchive: use-after-free in archive_read_format_rar_read_data in archive_read_support_format_rar.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1769980 -------------------------------------------------------------------------------- ================================================================================ microcode_ctl-2.1-34.fc29 (FEDORA-2019-a9b7178716) Tool to transform and deploy CPU microcode update for x86 -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-25. 20191115 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Anton Arapov <aarapov@xxxxxxxxxx> 2:2.1-34 - Update to upstream 2.1-25. 20191115 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-nagios-plugins-2.0.0-1.fc29 (FEDORA-2019-622dd87580) Nagios plugins for ARC -------------------------------------------------------------------------------- Update Information: * ARC nagios plugins 2.0.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 2.0.0-1 - Version 2.0.0 * Thu Oct 3 2019 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 2.0.0~rc2-1 - Version 2.0.0 rc2 - This version uses python 3 * Thu Jul 25 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.9.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Tue Mar 12 2019 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1.9.1-9 - Update sphinx BR * Fri Feb 1 2019 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.9.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Nov 22 2018 Mattias Ellert <mattias.ellert@xxxxxxxxxxxxx> - 1.9.1-7 - Fix python shebangs -------------------------------------------------------------------------------- ================================================================================ pcre2-10.33-16.fc29 (FEDORA-2019-f0e074754a) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes an mismatch if the first character in a caseless pattern was in an assertion, was non-ASCII, its other case started with a different code unit and optimizations were enabled. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Petr Pisar <ppisar@xxxxxxxxxx> - 10.33-16 - Fix optimized caseless matching of non-ASCII characters in assertions (upstream bug #2466) -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-2.38-1.fc29 (FEDORA-2019-fe25c0f06c) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: Updated to the latest version. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 2.38-1 - 2.38 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1773104 - perl-DateTime-TimeZone-2.38 is available https://bugzilla.redhat.com/show_bug.cgi?id=1773104 -------------------------------------------------------------------------------- ================================================================================ python-pycryptodomex-3.9.3-1.fc29 (FEDORA-2019-66a29699d9) A self-contained cryptographic library for Python -------------------------------------------------------------------------------- Update Information: #3.9.3 (12 November 2019) Resolved issues --------------- * GH#308: Align stack of functions using SSE2 intrinsics to avoid crashes, when compiled with gcc on 32-bit x86 platforms. #3.9.2 (10 November 2019) New features ------------ * Add Python 3.8 wheels for Mac. Resolved issues --------------- * GH#308: Avoid allocating arrays of ``__m128i`` on the stack, to cope with buggy compilers. * GH#322: Remove blanket ``-O3`` optimization for gcc and clang, to cope with buggy compilers. * GH#337: Fix typing stubs for signatures. * GH#338: Deal with gcc installations that don't have ``x86intrin.h``. #3.9.1 (1 November 2019) New features ------------ * Add Python 3.8 wheels for Linux and Windows. Resolved issues --------------- * GH#328: minor speed-up when importing RSA. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 15 2019 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.9.3-1 - Update to 3.9.3 * Fri Nov 15 2019 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.9.2-1 - Update to 3.9.2 - Spec cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1768052 - python-pycryptodomex-3.9.3x is available https://bugzilla.redhat.com/show_bug.cgi?id=1768052 -------------------------------------------------------------------------------- ================================================================================ vdr-epg2vdr-1.1.101-2.fc29 (FEDORA-2019-f17f2c877d) A plugin to retrieve EPG data from a mysql database into VDR -------------------------------------------------------------------------------- Update Information: - Add %%{name}-py38.patch -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 1.1.101-2 - Add %{name}-py38.patch -------------------------------------------------------------------------------- ================================================================================ whois-5.5.3-1.fc29 (FEDORA-2019-073e8e9932) Improved WHOIS client -------------------------------------------------------------------------------- Update Information: This release adds a record for a new 2630:0000::/12 network and for a new cpa. TLD. It also updates a record for xxx. TLD. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 18 2019 Petr Pisar <ppisar@xxxxxxxxxx> - 5.5.3-1 - 5.5.3 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1773405 - whois-5.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1773405 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx