The following Fedora 31 Security updates need testing: Age URL 42 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c5ec22e14f libuv-1.39.0-1.fc31 nodejs-12.18.4-1.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd freetype-2.10.0-4.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-01dc2bc62c fastd-21-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-15a1bde727 kata-ksm-throttler-1.11.1-1.fc31.1 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-61fcf3ffc7 kata-osbuilder-1.11.1-1.fc31.1 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-193da8cf44 arpwatch-2.1a15-48.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1af9cd8c87 kata-shim-1.11.1-1.fc31.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d1ce381889 pngcheck-2.3.0-3.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8aca25b5c8 chromium-86.0.4240.111-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-53df1c05be community-mysql-8.0.22-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e083225fa1 blueman-2.1.4-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-42b44971a1 xen-4.12.3-7.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-09e4d062fe kernel-5.8.17-100.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3 thunderbird-78.4.0-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b0ea9e2d33 mariadb-10.3.25-1.fc31 The following Fedora 31 Critical Path updates have yet to be approved: Age URL 80 https://bodhi.fedoraproject.org/updates/FEDORA-2020-72bc7df001 libunwind-1.3.1-7.fc31 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9bb2c6d5af ethtool-5.9-1.fc31 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d979670533 pcre-8.44-2.fc31 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-595197a38d ceph-14.2.12-1.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-747b6fb156 linux-firmware-20201022-113.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd freetype-2.10.0-4.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-517bc29c3f vim-8.2.1885-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-df2ee7a68b nfs-utils-2.5.2-0.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-43eb9f7d6a pcre2-10.35-8.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-09e4d062fe kernel-5.8.17-100.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-42b44971a1 xen-4.12.3-7.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3 thunderbird-78.4.0-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-eeb0523bd0 mtools-4.0.25-1.fc31 The following builds have been pushed to Fedora 31 updates-testing boinc-client-7.16.11-2.fc31 firefox-82.0.2-1.fc31 icewm-1.9.0-1.fc31 libbluray-1.2.1-2.fc31 mame-0.226-1.fc31 mlpack-3.4.2-1.fc31 psi-plus-1.4.1523-1.fc31 quaternion-0.0.9.4e-5.fc31 usrsctp-1.0.0-0.1.20201017gitf4925bd.fc31 wordpress-5.5.2-1.fc31 Details about builds: ================================================================================ boinc-client-7.16.11-2.fc31 (FEDORA-2020-6a5fea0017) The BOINC client -------------------------------------------------------------------------------- Update Information: 7.16.11 release. Added /etc/boinc-client/config.properties ---- 7.16.11 release -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Germano Massullo <germano.massullo@xxxxxxxxx> - 7.16.11-2 - Added SOURCE4: config.properties * Fri Oct 30 2020 Germano Massullo <germano.massullo@xxxxxxxxx> - 7.16.11-1 - 7.16.11 release - Added 4071.patch Read https://github.com/BOINC/boinc/pull/4071 - * Tue Oct 6 2020 Germano Massullo <germano.massullo@xxxxxxxxx> - 7.16.6-7 - Re-enabled ppc64 architecture on EPEL7. Read https://bugzilla.redhat.com/show_bug.cgi?id=1648290 -------------------------------------------------------------------------------- ================================================================================ firefox-82.0.2-1.fc31 (FEDORA-2020-871455fdcf) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - New upstream version (82.0.1) - Fixed Firefox crashes (rhbz#1888920) ---- - New upstream update (82.0.1) - Fixes fatal SHM allocation errors (rhbz#1889251) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 29 2020 Martin Stransky <stransky@xxxxxxxxxx> - 82.0.2-1 - Updated to 82.0.2 - Removed mzbz#1668771 due to rhbz#1888920 * Wed Oct 28 2020 Martin Stransky <stransky@xxxxxxxxxx> - 82.0.1-1 - Updated to 82.0.1 * Tue Oct 27 2020 Martin Stransky <stransky@xxxxxxxxxx> - 82.0-8 - Added fix for mozbz#1673313 * Tue Oct 27 2020 Martin Stransky <stransky@xxxxxxxxxx> - 82.0-7 - Added fix for rawhide crashes (rhbz#1891234) * Sat Oct 24 2020 Martin Stransky <stransky@xxxxxxxxxx> - 82.0-6 - Enable LTO -------------------------------------------------------------------------------- References: [ 1 ] Bug #1888920 - Firefox crashes on wayland with WL: error in client communication https://bugzilla.redhat.com/show_bug.cgi?id=1888920 [ 2 ] Bug #1889251 - Firefox 81 crashes in mozilla::widget::WaylandShmPool::WaylandShmPool https://bugzilla.redhat.com/show_bug.cgi?id=1889251 [ 3 ] Bug #1891849 - Firefox 82.0.1 available https://bugzilla.redhat.com/show_bug.cgi?id=1891849 -------------------------------------------------------------------------------- ================================================================================ icewm-1.9.0-1.fc31 (FEDORA-2020-c47012fa37) Window manager designed for speed, usability, and consistency -------------------------------------------------------------------------------- Update Information: Update to 1.9.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Artem Polishchuk <ego.cordatus@xxxxxxxxx> - 1.9.0-1 - build(update): 1.9.0 -------------------------------------------------------------------------------- ================================================================================ libbluray-1.2.1-2.fc31 (FEDORA-2020-c635688f4e) Library to access Blu-Ray disks for video playback -------------------------------------------------------------------------------- Update Information: Fix dependency issue between libbluray-devel and libudfread-devel ---- From upstream changelog: - Add initial support for .fmts files. - Improve missing/broken playlist handling ("Star Trek Beyond 4K"). - Improve UHD metadata support. - Improve BD-J compability. - Improve error resilience and stability. - Fix long delay in "Evangelion, You are (not) alone" menu. - Fix JVM bootstrap issues with some Java 9 versions. - Fix sign extended bytes when reading single bytes in BDJ. - Fix creating organization and disc specific BD-J BUDA directories. - Use external libudfread when available. - Rename list_titles to bd_list_titles and add it to installed programs. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Xavier Bachelot <xavier@xxxxxxxxxxxx> 1.2.1-2 - Disable external libudfread (RHBZ#1892856) * Sat Oct 24 2020 Xavier Bachelot <xavier@xxxxxxxxxxxx> 1.2.1-1 - Update to 1.2.1 (RHBZ#1891243) - Enable external libudfread - Drop most test utilities * Tue Jul 28 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sat Jul 11 2020 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.2.0-2 - Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11 * Wed May 6 2020 Xavier Bachelot <xavier@xxxxxxxxxxxx> 1.2.0-1 - Update to 1.2.0 - Use unversioned JDK_HOME * Wed Jan 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1891243 - libbluray-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1891243 [ 2 ] Bug #1892856 - F34FailsToInstall: libbluray-devel https://bugzilla.redhat.com/show_bug.cgi?id=1892856 -------------------------------------------------------------------------------- ================================================================================ mame-0.226-1.fc31 (FEDORA-2020-81da8b3707) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information: An update to the latest upstream release: * https://www.mamedev.org/?p=488 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 29 2020 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.226-1 - Update to 0.226 -------------------------------------------------------------------------------- ================================================================================ mlpack-3.4.2-1.fc31 (FEDORA-2020-54b9b1e97e) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information: Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 28 2020 Ryan Curtin <ryan@xxxxxxxxx> - 3.4.2-1 - Update to latest stable version. -------------------------------------------------------------------------------- ================================================================================ psi-plus-1.4.1523-1.fc31 (FEDORA-2020-4a4fd39b9e) Jabber client based on Qt -------------------------------------------------------------------------------- Update Information: Updated to version 1.4.1523. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Vitaly Zaitsev <vitaly@xxxxxxxxxxxxxx> - 1:1.4.1523-1 - Updated to version 1.4.1523. -------------------------------------------------------------------------------- ================================================================================ quaternion-0.0.9.4e-5.fc31 (FEDORA-2020-152670d79d) A Qt5-based IM client for Matrix -------------------------------------------------------------------------------- Update Information: This update fixes a packaging error by explicitly declaring qtquickcontrols in requires. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Brendan Early <mymindstorm@xxxxxxxxxxxx> - 0.0.9.4e-5 - Add explicit requires for qtquickcontrols * Thu Aug 6 2020 Brendan Early <mymindstorm@xxxxxxxxxxxx> - 0.0.9.4e-4 - Fix build failure * Sat Aug 1 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.9.4e-3 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.0.9.4e-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ usrsctp-1.0.0-0.1.20201017gitf4925bd.fc31 (FEDORA-2020-4a4fd39b9e) Portable SCTP userland stack -------------------------------------------------------------------------------- Update Information: Updated to version 1.4.1523. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ wordpress-5.5.2-1.fc31 (FEDORA-2020-bf266424ea) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 5.5.2 Security and Maintenance Release** **Security Updates** * Props to Alex Concha of the WordPress Security Team for their work in hardening deserialization requests. * Props to David Binovec on a fix to disable spam embeds from disabled sites on a multisite network. * Thanks to Marc Montas from Sucuri for reporting an issue that could lead to XSS from global variables. * Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC. * Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE. * Thanks to Karim El Ouerghemmi from RIPS who disclosed a method to store XSS in post slugs. * Thanks to Slavco for reporting, and confirmation from Karim El Ouerghemmi, a method to bypass protected meta that could lead to arbitrary file deletion. * Thanks to Erwan LR from WPScan who responsibly disclosed a method that could lead to CSRF. * And a special thanks to @zieladam who was integral in many of the releases and patches during this release. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 30 2020 Remi Collet <remi@xxxxxxxxxxxx> - 5.5.2-1 - WordPress 5.5.2 Security and Maintenance Release -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx
