The following Fedora 31 Security updates need testing: Age URL 23 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c5ec22e14f libuv-1.39.0-1.fc31 nodejs-12.18.4-1.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-07c5770aa1 thunderbird-78.3.1-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-90e2b01f4a claws-mail-3.17.7-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2f5879aeb6 kata-proxy-1.11.1-1.fc31.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-bc9a739f0c brotli-1.0.9-3.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b390bec14 wireshark-3.2.7-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7a0b6071a4 kata-runtime-1.11.1-3.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c33083813d kata-agent-1.11.1-1.fc31.1 The following Fedora 31 Critical Path updates have yet to be approved: Age URL 135 https://bodhi.fedoraproject.org/updates/FEDORA-2020-03e14f6120 dracut-050-61.git20200529.fc31 61 https://bodhi.fedoraproject.org/updates/FEDORA-2020-72bc7df001 libunwind-1.3.1-7.fc31 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-87fbd4bb9b glusterfs-7.8-1.fc31 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-aef226a2fb python-rpm-macros-3-59.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c331324e6 hwdata-0.340-1.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-07c5770aa1 thunderbird-78.3.1-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-421372e1e5 jasper-2.0.22-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1eadf02f8d samba-4.11.14-0.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e35fa0cfb3 kernel-5.8.14-100.fc31 The following builds have been pushed to Fedora 31 updates-testing ddnet-15.1.1-1.fc31 gimp-2.10.22-2.fc31 oval-graph-1.2.2-1.fc31 perftest-4.4-7.fc31 php-phpmailer6-6.1.8-1.fc31 php-phpmyadmin-twig-i18n-extension-3.0.0-1.fc31 phpMyAdmin-5.0.3-1.fc31 python-flask-compress-1.7.0-1.fc31 Details about builds: ================================================================================ ddnet-15.1.1-1.fc31 (FEDORA-2020-3fc1966f82) DDraceNetwork, a cooperative racing mod of Teeworlds -------------------------------------------------------------------------------- Update Information: Update to version 15.1.1. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 11 2020 ElXreno <elxreno@xxxxxxxxx> - 15.1.1-1 - Update to version 15.1.1 -------------------------------------------------------------------------------- ================================================================================ gimp-2.10.22-2.fc31 (FEDORA-2020-446da1ba79) GNU Image Manipulation Program -------------------------------------------------------------------------------- Update Information: Avoid runtime dependency on lcms2-devel ---- This is an upstream bugfix and enhancement update. For details, refer to the [release notes](https://www.gimp.org/news/2020/10/07/gimp-2-10-22-released/). -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 11 2020 Kalev Lember <klember@xxxxxxxxxx> - 2:2.10.22-2 - Require lcms2 instead of lcms2-devel (#1886811) * Thu Oct 8 2020 Nils Philippsen <nils@xxxxxxxxx> - 2:2.10.22-1 - version 2.10.22 * Sat Aug 1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2:2.10.20-2.3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2:2.10.20-2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 13 2020 Tom Stellard <tstellar@xxxxxxxxxx> - 2:2.10.20-2.1 - Use make macros - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro * Wed Jun 24 2020 Josef Ridky <jridky@xxxxxxxxxx> - 2:2.10.20-2 - fix issue with liblcms2 in rawhide (#1850141) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1886811 - gimp-2.10.22-1.fc32.x86_64 pulls lcms2-devel https://bugzilla.redhat.com/show_bug.cgi?id=1886811 -------------------------------------------------------------------------------- ================================================================================ oval-graph-1.2.2-1.fc31 (FEDORA-2020-453a389e04) Tool for visualization of SCAP rule evaluation results -------------------------------------------------------------------------------- Update Information: new upstream release: 1.2.2 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 12 2020 Packit Service <user-cont-team+packit-service@xxxxxxxxxx> - 1.2.2-1 - new upstream release: 1.2.2 -------------------------------------------------------------------------------- ================================================================================ perftest-4.4-7.fc31 (FEDORA-2020-190726c48a) IB Performance Tests -------------------------------------------------------------------------------- Update Information: Update to latest upstream release perftest-4.4-0.32 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 11 2020 Honggang Li <honli@xxxxxxxxxx> - 4.4-7 - Rebase to upstream release perftest-4.4-0.32 * Fri Sep 18 2020 Honggang Li <honli@xxxxxxxxxx> - 4.4-6 - Build perftest for s390x * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 14 2020 Tom Stellard <tstellar@xxxxxxxxxx> - 4.4-4 - Use make macros - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro -------------------------------------------------------------------------------- ================================================================================ php-phpmailer6-6.1.8-1.fc31 (FEDORA-2020-c3a88beb13) Full-featured email creation and transfer class for PHP -------------------------------------------------------------------------------- Update Information: **Version 6.1.8** * Mark ext-hash as required in composer.json. This has long been required, but now it will cause an error at install time rather than runtime, making it easier to diagnose * Make file upload examples safer * Update links to SMTP testing servers * Avoid errors when set_time_limit is disabled (you need better hosting!) * Allow overriding auth settings for local tests; makes it easy to run tests using HELO * Recover gracefully from errors during keepalive sessions * Add AVIF MIME type mapping * Prevent duplicate To headers in BCC-only messages when using mail() * Avoid file function problems when attaching files from Windows UNC paths * Improve German, Bahasa Indonesian, Filipino translations * Add Javascript-based example * Increased test coverage -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 10 2020 Remi Collet <remi@xxxxxxxxxxxx> - 6.1.8-1 - update to 6.1.8 -------------------------------------------------------------------------------- ================================================================================ php-phpmyadmin-twig-i18n-extension-3.0.0-1.fc31 (FEDORA-2020-8d22e8693f) Internationalization support for Twig via the gettext library -------------------------------------------------------------------------------- Update Information: **Version 3.0.0** - 2020-06-14 * Add a .gitattributes file * Support Twig 3 * Remove extra field from composer.json * Add support field in composer.json * Require php >= 7.1 * Setup and apply phpmyadmin/coding-standard * Apply changes for php 8.0 compatibility (https://github.com/twigphp/Twig/issues/3327) -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 9 2020 Remi Collet <remi@xxxxxxxxxxxx> - 3.0.0-1 - update to 3.0.0 - raise dependency on PHP 7.1 - raise dependency on twig v2 and allow v3 - switch to phpunit9 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-5.0.3-1.fc31 (FEDORA-2020-eadda524a8) A web interface for MySQL and MariaDB -------------------------------------------------------------------------------- Update Information: **Version 5.0.3** (2020-10-09) - issue #15983 Require twig ^2.9 - issue Fix option to import files locally appearing as not available - issue #16048 Fix to allow NULL as a default bit value - issue #16062 Fix "htmlspecialchars() expects parameter 1 to be string, null given" on Export xml - issue #16078 Fix no charts in monitor when using a decimal separator "," - issue #16041 Fix IN(...) clause doesn't permit multiple values on "Search" page - issue #14411 Support double tap to edit on mobile - issue #16043 Fix php error "Use of undefined constant MYSQLI_TYPE_JSON" when using the mysqlnd extension - issue #14611 Fix fatal JS error on index creation after using Enter key to submit the form - issue #16012 Set "axis-order" to swap lon and lat on MySQL >= 8.1 - issue #16104 Fixed overwriting a bookmarked query causes a PHP fatal error - issue Fix typo in a condition in the Sql class - issue #15996 Fix local setup doc links pointing to a wrong location - issue #16093 Fix error importing utf-8 with bom sql file - issue #16089 2FA UX enhancement: autofocus 2FA input - issue #16127 Fix table column description PHP error when ['DisableIS'] = true; - issue #16130 Fix local documentation links display when a PHP extension is missing - issue Fix some twig code deprecations for php 8 - issue Fix ENUM and SET display when editing procedures and functions - issue Keep full query state on "auto refresh" process list - issue Keep columns order on "auto refresh" process list - issue Fixed editing a failed query from the error message - issue #16166 Fix the alter user privileges query to make it MySQL 8.0.11+ compatible - issue Fix copy table to another database when the nbr of DBs is > $cfg['MaxDbList'] - issue #16157 Fix relations of tables having spaces or special chars not showing in the Designer - issue #16052 Fix a very rare JS error occuring on mousemove event - issue #16162 Make a foreign key link clickable in a new tab after the value was saved and replaced - issue #16163 Fixed a PHP notice "Undefined index: column_info" on views - issue #14478 Fix the data stream when exporting data in file mode - issue #16184 Fix templates/ directory not found error - issue #16184 Remove chdir logic to fix PHP fatal error "Uncaught TypeError: chdir()" - issue Support for Twig 3 - issue Allow phpmyadmin/twig-i18n-extension ^3.0 - issue #16201 Trim spaces for integer values in table search - issue #16076 Fixed cannot edit or export TIMESTAMP column with default CURRENT_TIMESTAMP in MySQL >= 8.0.13 - issue #16226 Fix error 500 after copying a table - issue #16222 Fixed can't use the search page when the table name has special characters - issue #16248 Fix zoom search is not performing input validation on INT columns - issue #16248 Fix javascript error when typing in INT fields on zoom search page - issue Fix type errors when using saved searches - issue #16261 Fix missing headings on modals of "User Accounts -> Export" - issue #16146 Fixed sorting did not keep the selector of number of rows - issue #16194 Fixed SQL query does not appear in case of editing view where definer is not you on MySQL 8 - issue #16255 Fix tinyint(1) shown as INT on Search page - issue #16256 Fix "Warning: error_reporting() has been disabled for security reasons" on php 7.x - issue #15367 Fix "Change or reconfigure primary server" link - issue #15367 Fix first replica links, start, stop, ignore links - issue #16058 Add "PMA_single_signon_HMAC_secret" for signon auths to make special links work and udate examples - issue #16269 Support ReCaptcha v2 checkbox width "$cfg['CaptchaMethod'] = 'checkbox';" - issue #14644 Use Doctum instead of Sami - issue #16086 Fix "Browse" headings shift when scrolling - issue #15328 Fix no message after import of zipped shapefile without php-zip - issue #14326 Fix PHP error when exporting without php-zip - issue #16318 Fix Profiling doesn't sum the number of calls - issue #16319 Fixed a Russian translation mistake on search results total text - issue #15634 Only use session_set_cookie_params once on PHP >= 7.3.0 versions for single signon auth - issue #14698 Fixed database named as 'New' (language variable) causes PHP fatal error - issue #16355 Make textareas both sides resizable - issue #16366 Fix column definition form not showing default value - issue #16342 Fixed multi-table query (db_multi_table_query.php) alias show the same alias for all columns - issue #15109 Fixed using ST_GeomFromText + GUI on insert throws an error - issue #16325 Fixed editing Geometry data throws error on using the GUI - issue [security] Fix XSS vulnerability with the transformation feature (**PMASA-2020-5, CVE-2020-26934**) - issue [security] Fix SQL injection vulnerability with search feature (**PMASA-2020-6, CVE-2020-26935**) -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 10 2020 Remi Collet <remi@xxxxxxxxxxxx> - 5.0.3-1 - update to 5.0.3 (2020-10-10, security release) - raise dependency on twig 2.9 and allow v3 - allow phpmyadmin/twig-i18n-extension v3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1887249 - CVE-2020-26934 phpmyadmin: XSS relating to the transformation feature https://bugzilla.redhat.com/show_bug.cgi?id=1887249 [ 2 ] Bug #1887253 - CVE-2020-26935 phpmyadmin: SQL injection vulnerability in SearchController https://bugzilla.redhat.com/show_bug.cgi?id=1887253 -------------------------------------------------------------------------------- ================================================================================ python-flask-compress-1.7.0-1.fc31 (FEDORA-2020-5926c3caa1) Compress responses in your Flask app with gzip or brotli -------------------------------------------------------------------------------- Update Information: Update to 1.7.0 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 11 2020 Rafael Fontenelle <rafaelff@xxxxxxxxx> - 1.7.0-1 - Update to 1.7.0 * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx
