The following Fedora 31 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b1fa09aa64 oddjob-0.34.6-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7016bb7a0d abcm2ps-8.14.7-2.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8838d072d5 php-7.3.18-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-29b442f83e dnsmasq-2.80-15.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a95706b117 ruby-2.6.6-125.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b0acd7b66e clamav-0.102.3-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7eb7eac270 json-c-0.13.1-12.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2af15c566e openconnect-8.10-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c6b9fff7f8 kernel-5.6.13-200.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-847775bf79 log4net-2.0.8-10.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-93d7305d71 exim-4.93-8.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ab379d4b90 python-markdown2-2.3.9-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4d87a62071 netdata-1.22.1-3.fc31 The following Fedora 31 Critical Path updates have yet to be approved: Age URL 46 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d1092ecf15 man-pages-de-1.22-9.fc31 perl-Compress-Raw-Lzma-2.087-2.fc31 xz-5.2.5-1.fc31 33 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5603c3bae4 nfs-utils-2.4.3-1.rc2.fc31 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5d03b4051b hwdata-0.335-1.fc31 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-45539683d7 perl-Encode-3.06-444.fc31 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2266ef5b09 libappindicator-12.10.0-29.fc31 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1dc20051d1 pcmanfm-1.3.1-5.D20200322gitbe8c60d5.fc31 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3b98c600ec samba-4.11.9-0.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d975e4007e PackageKit-1.1.12-15.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-88c0d67455 ethtool-5.6-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-cb6151044a grub2-2.02-109.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e13b2bb631 dash-0.5.10.2-5.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9a959e761f boost-1.69.0-12.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-56b26af5c2 abrt-2.14.2-1.fc31 abrt-java-connector-1.1.5-1.fc31 gnome-abrt-1.3.2-1.fc31 libreport-2.13.1-3.fc31 reportd-0.7.4-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7eb7eac270 json-c-0.13.1-12.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f1ab76ceb2 vim-8.2.752-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-0a343674dc firewalld-0.7.4-2.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-cdd04c84cd pcre2-10.35-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-29b442f83e dnsmasq-2.80-15.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c6b9fff7f8 kernel-5.6.13-200.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-620f86784a osinfo-db-20200515-1.fc31 The following builds have been pushed to Fedora 31 updates-testing bindfs-1.14.7-1.fc31 cascadia-code-fonts-2005.15-1.fc31 cpu-x-4.0.0-1.fc31 fira-code-fonts-4-1.fc31 ghostscript-9.27-5.fc31 glusterfs-7.6-1.fc31 libEMF-1.0.12-1.fc31 libuv-1.38.0-2.fc31 onedrive-2.4.0-1.fc31 perl-Metrics-Any-0.05-1.fc31 perl-PkgConfig-LibPkgConf-0.11-1.fc31 phd2-2.6.8-1.fc31 python-rasterio-1.1.4-1.fc31 rpki-client-6.7p0-1.fc31 rpminspect-data-fedora-0.10-1.fc31 sakura-3.7.1-1.fc31 transmission-2.94-9.fc31 vile-9.8u-1.fc31 xeus-0.23.14-1.fc31 Details about builds: ================================================================================ bindfs-1.14.7-1.fc31 (FEDORA-2020-d813c44770) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: - Update to 1.14.7 fixes rhbz#1833820 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Filipe Rosset <rosset.filipe@xxxxxxxxx> - 1.14.7-1 - Update to 1.14.7 fixes rhbz#1833820 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1833820 - bindfs-1.14.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1833820 -------------------------------------------------------------------------------- ================================================================================ cascadia-code-fonts-2005.15-1.fc31 (FEDORA-2020-8b888ea9b8) A monospaced font designed for programming and terminal emulation -------------------------------------------------------------------------------- Update Information: Update to 2005.15. Switch to OTF files (from TTF files). -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2005.15-1 - update to 2005.15 - switch to otf files * Tue Jan 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1911.21-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1836685 - cascadia-code-fonts-2005.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1836685 -------------------------------------------------------------------------------- ================================================================================ cpu-x-4.0.0-1.fc31 (FEDORA-2020-eb0fa1e466) Gathers information on CPU, motherboard and more -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Sun May 17 2020 Artem Polishchuk <ego.cordatus@xxxxxxxxx> - 4.0.0-1 - Update to 4.0.0 -------------------------------------------------------------------------------- ================================================================================ fira-code-fonts-4-1.fc31 (FEDORA-2020-b915cd4bc7) Monospaced font with programming ligatures -------------------------------------------------------------------------------- Update Information: Update to 4 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Michael Kuhn <suraia@xxxxxxxxxxxxxxxxx> - 4-1 - Update to 4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1837098 - fira-code-fonts-4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1837098 -------------------------------------------------------------------------------- ================================================================================ ghostscript-9.27-5.fc31 (FEDORA-2020-3fa2780e1e) Interpreter for PostScript language & PDF -------------------------------------------------------------------------------- Update Information: Require the exact jbig2dec-devel version See https://bugzilla.redhat.com/show_bug.cgi?id=1818706#c5 for more info -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Anna Khaitovich <akhaitov@xxxxxxxxxx> - 9.27-5 - Require the exact jbig2dec-devel version -------------------------------------------------------------------------------- ================================================================================ glusterfs-7.6-1.fc31 (FEDORA-2020-8487deed3f) Distributed File System -------------------------------------------------------------------------------- Update Information: glusterfs 7.6 GA -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 7.6-1 - 7.6 GA -------------------------------------------------------------------------------- ================================================================================ libEMF-1.0.12-1.fc31 (FEDORA-2020-c696d8604b) A library for generating Enhanced Metafiles -------------------------------------------------------------------------------- Update Information: Latest upstream release fixing security issues. -------------------------------------------------------------------------------- ChangeLog: * Fri May 1 2020 Dominik 'Rathann' Mierzejewski <rpm@xxxxxxxxxxxxxx> 1.0.12-1 - update to 1.0.12 (#1827949) - drop obsolete patch * Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.0.9-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1835793 - CVE-2020-11866 libEMF: allows a use-after-free https://bugzilla.redhat.com/show_bug.cgi?id=1835793 [ 2 ] Bug #1835797 - CVE-2020-11863 libEMF: allows denial of service (issue 1 of 2) https://bugzilla.redhat.com/show_bug.cgi?id=1835797 [ 3 ] Bug #1835802 - CVE-2020-11864 libEMF: allows denial of service (issue 2 of 2) https://bugzilla.redhat.com/show_bug.cgi?id=1835802 [ 4 ] Bug #1835806 - CVE-2020-11865 libEMF: allows out-of-bounds memory access https://bugzilla.redhat.com/show_bug.cgi?id=1835806 -------------------------------------------------------------------------------- ================================================================================ libuv-1.38.0-2.fc31 (FEDORA-2020-4e7babed9d) Platform layer for node.js -------------------------------------------------------------------------------- Update Information: Update to 1.38.0 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.38.0-2 - Fix up gating tests * Mon May 18 2020 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.38.0-1 - Update to 1.38.0 - https://github.com/libuv/libuv/blob/v1.38.0/ChangeLog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1836696 - libuv-1.38.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1836696 -------------------------------------------------------------------------------- ================================================================================ onedrive-2.4.0-1.fc31 (FEDORA-2020-b45e2ad2cc) OneDrive Free Client written in D -------------------------------------------------------------------------------- Update Information: Update to 2.4.0 to fix a bunch of issues -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 19 2020 Alan Pevec <alan.pevec@xxxxxxxxxx> 2.4.0-1 - Update to 2.4.0 * Mon Feb 10 2020 Kalev Lember <klember@xxxxxxxxxx> - 2.3.12-3 - Rebuilt for ldc 1.20 * Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.3.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ perl-Metrics-Any-0.05-1.fc31 (FEDORA-2020-ada2a9bc50) Abstract collection of monitoring metrics -------------------------------------------------------------------------------- Update Information: This package provides the Perl module Metrics::Any, a central location for modules to report monitoring metrics, such as counters of the number of times interesting events have happened, and programs to collect up and send those metrics to monitoring services. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ perl-PkgConfig-LibPkgConf-0.11-1.fc31 (FEDORA-2020-fb4f473b3f) Interface to pkg-config files via libpkgconf -------------------------------------------------------------------------------- Update Information: This release fixes a pkg-config version comparison on aarch64 platform. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Petr Pisar <ppisar@xxxxxxxxxx> - 0.11-1 - 0.11 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1836456 - perl-PkgConfig-LibPkgConf-0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1836456 -------------------------------------------------------------------------------- ================================================================================ phd2-2.6.8-1.fc31 (FEDORA-2020-c73d8fbfe3) Telescope guiding software -------------------------------------------------------------------------------- Update Information: Update to 2.6.8 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Mattia Verga <mattia.verga@xxxxxxxxxxxxxx> - 2.6.8-1 - Upgrade to 2.6.8 -------------------------------------------------------------------------------- ================================================================================ python-rasterio-1.1.4-1.fc31 (FEDORA-2020-583507eb5b) Fast and direct raster I/O for use with Numpy and SciPy -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Sun May 10 2020 Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> - 1.1.4-1 - Update to latest version * Tue Mar 3 2020 Sandro Mani <manisandro@xxxxxxxxx> - 1.1.3-2 - Rebuild (gdal) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1833014 - python-rasterio-1.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1833014 -------------------------------------------------------------------------------- ================================================================================ rpki-client-6.7p0-1.fc31 (FEDORA-2020-bbee0eeb9f) RPKI client implementation -------------------------------------------------------------------------------- Update Information: rpki-client 6.7p0 ================= * Document the suggested interval for running rpki-client in man page. * Always initialize cachedir and outputdir. * Print statistics as comments at the top of the output files which can take comments, including the date and time when the files were produced, and runtime statistics when producing them. * Improve log messages to clarify what's happening. * Fix a bug where rpki-client would not properly wait for exiting rsync processes, causing rpki-client to hang. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.7p0-1 - Upgrade to 6.7p0 * Sun Apr 19 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.6p2-1 - Upgrade to 6.6p2 * Tue Apr 14 2020 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.6p1-1 - Upgrade to 6.6p1 -------------------------------------------------------------------------------- ================================================================================ rpminspect-data-fedora-0.10-1.fc31 (FEDORA-2020-fee18701ef) Build deviation compliance tool data files -------------------------------------------------------------------------------- Update Information: Add F32 to stat-whitelist, fix version names -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 0.10-1 - Add F32 to stat-whitelist, fix version names - Add F33 with Java 11 default bytecode version - Add [lto] section to rpminspect.conf with lto_symbol_name_prefixes * Tue Dec 17 2019 David Cantrell <dcantrel@xxxxxxxxxx> - 0.7-1 - Add commented out [products] section to rpminspect.conf - Update product regexps so they being with '.' - Add [annocheck] section to rpminspect.conf - Update build files and helper scripts - Include generated changelog file. -------------------------------------------------------------------------------- ================================================================================ sakura-3.7.1-1.fc31 (FEDORA-2020-49d99716eb) Terminal emulator based on GTK and VTE -------------------------------------------------------------------------------- Update Information: - Update to 3.7.1 fixes rhbz#1832482 -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Filipe Rosset <rosset.filipe@xxxxxxxxx> - 3.7.1-1 - Update to 3.7.1 fixes rhbz#1832482 * Thu Jan 30 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1832482 - sakura-3.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1832482 -------------------------------------------------------------------------------- ================================================================================ transmission-2.94-9.fc31 (FEDORA-2020-3ef028d53f) A lightweight GTK+ BitTorrent client -------------------------------------------------------------------------------- Update Information: Backported patch for CVE-2018-10756. -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 2.94-9 - Backported patch for CVE-2018-10756 * Fri Jan 31 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.94-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1836918 - CVE-2018-10756 transmission: use-after-free in libtransmission/variant.c allows remote attackers to cause a DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1836918 -------------------------------------------------------------------------------- ================================================================================ vile-9.8u-1.fc31 (FEDORA-2020-ba4980c48d) VI Like Emacs -------------------------------------------------------------------------------- Update Information: Update to 9.8u -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Mark McKinstry <mmckinst@xxxxxxxxxxxxxxxxx> - 9.8u-1 - Update to 9.8u (RHBZ#1836721) * Fri Jan 31 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 9.8t-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1836721 - vile-9.8u is available https://bugzilla.redhat.com/show_bug.cgi?id=1836721 -------------------------------------------------------------------------------- ================================================================================ xeus-0.23.14-1.fc31 (FEDORA-2020-e08ef2aa6e) C++ implementation of the Jupyter kernel protocol -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Mon May 18 2020 Elliott Sales de Andrade <quantum.analyst@xxxxxxxxx> - 0.23.14-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1818426 - xeus-0.23.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1818426 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx
