The following Fedora 33 Security updates need testing: Age URL 38 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f8bb3ba3ec python-pydantic-1.6.2-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b5d8c6d086 prosody-0.11.9-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bf13db941 ceph-15.2.12-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-1.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-9fde3d7ab1 python-eventlet-0.31.0-1.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f852b79d1 kernel-5.11.21-200.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f75a803ff3 slurm-20.11.7-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8a098ecbcf composer-2.0.13-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-935da812d7 wordpress-5.7.2-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ef6352b2a3 php-symfony3-3.4.48-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-af57a9565e php-symfony4-4.4.23-1.fc33 The following Fedora 33 Critical Path updates have yet to be approved: Age URL 57 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb PackageKit-1.2.3-1.fc33 14 https://bodhi.fedoraproject.org/updates/FEDORA-2021-04e178963a libmodulemd-2.12.1-1.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ac643a7ce9 xorg-x11-drv-nouveau-1.0.17-1.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-0e0f47f6ca xfce4-settings-4.14.4-1.fc33 10 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b2b5636c1a livecd-tools-28.0-2.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4749e8f916 webkit2gtk3-2.32.1-1.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-22d74b54e8 rdma-core-35.0-1.fc33 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-822606e337 linux-firmware-20210511-120.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3b331c0278 wpebackend-fdo-1.8.4-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-efdc2e7167 chrony-4.1-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e7f17262ce libidn2-2.3.1-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b00cd88aba btrfs-progs-5.12.1-1.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f852b79d1 kernel-5.11.21-200.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-25202922d4 systemd-246.14-1.fc33 The following builds have been pushed to Fedora 33 updates-testing ShellCheck-0.7.2-1.fc33 Thunar-1.8.17-1.fc33 biber-2.14-5.fc33 dracut-054-6.git20210518.fc33 fpaste-0.4.2.0-1.fc33 golang-github-haproxytech-dataplaneapi-2.3.0-2.fc33 highway-0.12.0-1.20210518git376a400.fc33 ibus-qt-1.3.3-30.fc33 ipv6calc-3.1.0-52.fc33 libetonyek-0.1.10-1.fc33 libmatroska-1.6.3-1.fc33 libtirpc-1.2.6-4.rc4.fc33 ne-3.3.1-1.fc33 notekit-0.1-5.fc33 python-asyncpg-0.23.0-1.fc33 qpid-dispatch-1.16.0-1.fc33 rpcbind-1.2.6-0.fc33 rpki-client-7.1-1.fc33 scitokens-cpp-0.6.0-2.fc33 slapi-nis-0.56.7-1.fc33 upx-3.96-9.fc33 xrestrict-0.8.0-2.20160730git35a944a.fc33 Details about builds: ================================================================================ ShellCheck-0.7.2-1.fc33 (FEDORA-2021-721b79250a) Shell script analysis tool -------------------------------------------------------------------------------- Update Information: https://github.com/koalaman/shellcheck/blob/v0.7.2/CHANGELOG.md -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Jens Petersen <petersen@xxxxxxxxxx> - 0.7.2-1 - update to 0.7.2 * Mon Jan 25 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.7.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1951382 - ShellCheck-0.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1951382 -------------------------------------------------------------------------------- ================================================================================ Thunar-1.8.17-1.fc33 (FEDORA-2021-a9ba702633) Thunar File Manager -------------------------------------------------------------------------------- Update Information: - Update to 1.8.17 -------------------------------------------------------------------------------- ChangeLog: * Mon May 17 2021 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 1.8.17-1 - Update to 1.8.17 -------------------------------------------------------------------------------- ================================================================================ biber-2.14-5.fc33 (FEDORA-2021-d5916963ae) Command-line bibliographic manager, BibTeX replacement -------------------------------------------------------------------------------- Update Information: This release adapt the tests to pass with Unicode::Collate 1.29 -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Petr Pisar <ppisar@xxxxxxxxxx> - 2.14-5 - Adapt tests to changes in Unicode::Collate 1.29 (bug #1905190) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1905190 - biber FTBFS in Rawhide (F34): tests fail on different \field{sortinithash} values https://bugzilla.redhat.com/show_bug.cgi?id=1905190 -------------------------------------------------------------------------------- ================================================================================ dracut-054-6.git20210518.fc33 (FEDORA-2021-1794da1cb8) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information: fix `dracut-dev-lib.sh: line 92: str_replace: command not found` ---- * version 054 - https://github.com/dracutdevs/dracut/releases/tag/054 -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Harald Hoyer <harald@xxxxxxxxxx> - 054-6.git20210518 - fix for `str_replace: command not found` * Mon May 17 2021 Harald Hoyer <harald@xxxxxxxxxx> - 054-4.git20210517 - version 054 * Thu Apr 22 2021 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 053-5 - Backport: fix(90kernel-modules): add watchdog drivers for generic initrd (rhbz 1592148) * Mon Apr 19 2021 Dusty Mabe <dusty@xxxxxxxxxxxxx> - 053-4 - Backport: fix(dracut-logger.sh): double dash trigger unknown logger warnings during run - Backport: fix(network-manager): nm-run.service: don't kill forked processes - Backport: fix(network-manager): only run NetworkManager if rd.neednet=1 - Backport: fix(network-manager): use /run/NetworkManager/initrd/neednet in initqueue * Mon Apr 19 2021 Adam Williamson <awilliam@xxxxxxxxxx> - 053-3 - Fix removal of key system files when kdump enabled (thanks kasong) (#1936781) * Thu Apr 8 2021 Adam Williamson <awilliam@xxxxxxxxxx> - 053-2 - Backport upstream change reported to fix boot on some encrypted LVM setups (#1946074) * Tue Feb 23 2021 Harald Hoyer <harald@xxxxxxxxxx> - 053-1 - version 053 * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 051-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Dec 15 2020 Harald Hoyer <harald@xxxxxxxxxx> - 051-1 - version 051 -------------------------------------------------------------------------------- ================================================================================ fpaste-0.4.2.0-1.fc33 (FEDORA-2021-6e9d2345a6) A simple tool for pasting info onto the Fedora community paste server -------------------------------------------------------------------------------- Update Information: Update to new minor release. Includes some more btrfs related information, and adds lxdm to session detection command -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 0.4.2.0-1 - Update to new release * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.4.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1960569 - In section 'Desktop(s) Running' of 'fpaste --sysinfo', lxdm-session is missing https://bugzilla.redhat.com/show_bug.cgi?id=1960569 -------------------------------------------------------------------------------- ================================================================================ golang-github-haproxytech-dataplaneapi-2.3.0-2.fc33 (FEDORA-2021-179781615d) HAProxy Data Plane API -------------------------------------------------------------------------------- Update Information: Changes for version 2.3.0 (Fixes rhbz#1959606) ---- Update to version 2.3.0 (Fixes rhbz#1959606) -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Brandon Perkins <bperkins@xxxxxxxxxx> - 2.3.0-2 - Changes for version 2.3.0 (Fixes rhbz#1959606) - Include support for new HCL/YAML configuration files - Fix logrotate.d configuration file name - Enable new syslog support - ExecStart service using HCL/YAML configuration file instead of command flags - Simplify sysconfig file to only include CONFIG and OPTIONS variables * Wed May 12 2021 Brandon Perkins <bperkins@xxxxxxxxxx> - 2.3.0-1 - Update to version 2.3.0 (Fixes rhbz#1959606) - Addition of configuration and discovery docs - Addition of numerous BuildRequires -------------------------------------------------------------------------------- References: [ 1 ] Bug #1959606 - golang-github-haproxytech-dataplaneapi-2.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1959606 -------------------------------------------------------------------------------- ================================================================================ highway-0.12.0-1.20210518git376a400.fc33 (FEDORA-2021-ef700ec6c4) Efficient and performance-portable SIMD -------------------------------------------------------------------------------- Update Information: Initial RPM -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1906980 - Review Request: highway - Efficient and performance-portable SIMD https://bugzilla.redhat.com/show_bug.cgi?id=1906980 -------------------------------------------------------------------------------- ================================================================================ ibus-qt-1.3.3-30.fc33 (FEDORA-2021-426c2064fa) Qt IBus library and Qt input method plugin -------------------------------------------------------------------------------- Update Information: Fix ibus-qt to work in Wayland desktop. -------------------------------------------------------------------------------- ChangeLog: * Mon May 17 2021 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.3-30 - Resolves: #1832098 Fix Wayland display variable * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.3-29 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1832098 - Due to socket path changes ibus not working in Wayland for qt4 apps https://bugzilla.redhat.com/show_bug.cgi?id=1832098 -------------------------------------------------------------------------------- ================================================================================ ipv6calc-3.1.0-52.fc33 (FEDORA-2021-17f66f47d5) IPv6 address format change and calculation utility -------------------------------------------------------------------------------- Update Information: Final release 3.1.0 -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Peter Bieringer <pb@xxxxxxxxxxxx> - 3.1.0-52 - Final release 3.1.0 * Wed Jan 13 2021 Peter Bieringer <pb@xxxxxxxxxxxx> - 3.0.1-48 - Final release 3.0.1 -------------------------------------------------------------------------------- ================================================================================ libetonyek-0.1.10-1.fc33 (FEDORA-2021-9d0f1504c2) A library for import of Apple iWork documents -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 David Tardon <dtardon@xxxxxxxxxx> - 0.1.10-1 - new upstream release * Tue Jan 26 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.1.9-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libmatroska-1.6.3-1.fc33 (FEDORA-2021-8749a453bf) Open audio/video container format library -------------------------------------------------------------------------------- Update Information: * libEBML v1.4.2 is now required. * Added classes for new track header elements: `KaxFlagHearingImpaired`, `KaxFlagVisualImpaired`, `KaxFlagTextDescriptions`, `KaxFlagOriginal` and `KaxFlagCommentary`. -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> - 1.6.3-1 - update to 1.6.3 (#1930173) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1930173 - libmatroska-1.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1930173 -------------------------------------------------------------------------------- ================================================================================ libtirpc-1.2.6-4.rc4.fc33 (FEDORA-2021-ae71327f68) Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: Updated non-free licenses -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Steve Dickson <steved@xxxxxxxxxx> 1.2.6-4.rc4 - Updated non-free licenses (bz 1955239) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1955239 - non-free licensed files in libtirpc https://bugzilla.redhat.com/show_bug.cgi?id=1955239 -------------------------------------------------------------------------------- ================================================================================ ne-3.3.1-1.fc33 (FEDORA-2021-33f6e2fd00) ne, the nice editor -------------------------------------------------------------------------------- Update Information: First release -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1952927 - Review Request: ne - ne, the nice editor https://bugzilla.redhat.com/show_bug.cgi?id=1952927 -------------------------------------------------------------------------------- ================================================================================ notekit-0.1-5.fc33 (FEDORA-2021-9d0732d34d) Hierarchical markdown notetaking application with tablet support -------------------------------------------------------------------------------- Update Information: - Updating due to the addition of new important features - 66a31147f83b93542f0c53f0eda65b1576bc4756 -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Lyes Saadi <fedora@xxxxxxx> - 0.1-5 - Updating due to the addition of new important features - 66a31147f83b93542f0c53f0eda65b1576bc4756 -------------------------------------------------------------------------------- ================================================================================ python-asyncpg-0.23.0-1.fc33 (FEDORA-2021-cbed2d8353) A fast PostgreSQL Database Client Library for Python/asyncio -------------------------------------------------------------------------------- Update Information: Update to 0.23.0. **Fixes** - Avoid `TypeError` in `Transaction.__repr__` (#703) - Feed `memoryview` to `writelines()` (#715) - Add `sslmode=allow` support and fix `=prefer` retry (#720) - Loosen message test in `test_invalid_input` (#751) - Support readonly and deferrable for non- serializable transactions (#747) - Fix asyncpg with `Py_DEBUG` mode (#719) - Fix `docs/Makefile` and `docs/_static/theme_overrides.css` missing from PyPI package (#708) -------------------------------------------------------------------------------- ChangeLog: * Mon May 17 2021 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.23.0-1 - Update to 0.23.0 - Drop asyncpg-0.22.0-python3.10-test_invalid_input.patch since it was merged upstream - Drop workaround (via extra sources) for missing documentation sources * Tue Apr 27 2021 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.22.0-6 - Updated patch for Python 3.10 * Mon Apr 26 2021 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 0.22.0-5 - Patch for Python 3.10 compatibility (RHBZ#1953538, upstream issue #750) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1961371 - python-asyncpg-0.23.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1961371 -------------------------------------------------------------------------------- ================================================================================ qpid-dispatch-1.16.0-1.fc33 (FEDORA-2021-bc4994dbd9) Dispatch router for Qpid -------------------------------------------------------------------------------- Update Information: Rebase to 1.16.0. -------------------------------------------------------------------------------- ChangeLog: * Mon May 17 2021 Irina Boverman <iboverma@xxxxxxxxxx> - 1.16.0-1 - Rebased to 1.16.0 -------------------------------------------------------------------------------- ================================================================================ rpcbind-1.2.6-0.fc33 (FEDORA-2021-5cc6457b38) Universal Addresses to RPC Program Number Mapper -------------------------------------------------------------------------------- Update Information: Updated to latest upstream release: rpcbind-1_2_6 -------------------------------------------------------------------------------- ChangeLog: * Mon May 17 2021 Steve Dickson <steved@xxxxxxxxxx> 1.2.6-0 - Updated to latest upstream release: rpcbind-1_2_6 (bz 1959127) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1959127 - rpcbind-1.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1959127 -------------------------------------------------------------------------------- ================================================================================ rpki-client-7.1-1.fc33 (FEDORA-2021-21ebe598e9) RPKI validator to support BGP Origin Validation -------------------------------------------------------------------------------- Update Information: rpki-client 7.1 =============== * Add keep-alive support to the HTTP client code for RRDP * Reference-count and delete unused files synced via RRDP, as far as possible * In the JSON output, change the AS Number from a string ("AS123") to an integer ("123") to make processing of the output easier * Add an `expires` column to CSV & JSON output, based on certificate and CRL validity times. The `expires` value can be used to avoid route selection based on stale data when generating VRP sets, when faced with loss of communication between consumer and valdiator, or validator and CA repository * Make the runtime timeout (`-s` option) also triggers in child processes * Improved RRDP support, upstream encourages testing of RRDP with the `-r` option so that RRDP can be enabled by default in a future release; please report any RRDP issues found, if possible, directly to upstream In the portable version, * Improve support for older libressl versions (although the latest stable release is recommended) * Add missing compat headers in release packages so they build on Alpine Linux and macOS -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1-1 - Upgrade to 7.1 (#1961870) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1961870 - rpki-client-7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1961870 -------------------------------------------------------------------------------- ================================================================================ scitokens-cpp-0.6.0-2.fc33 (FEDORA-2021-398d5ae003) C++ Implementation of the SciTokens Library -------------------------------------------------------------------------------- Update Information: - Fix compilation errors on c++11 - Update to jwt-cpp-0.4.0 vendor - Change scitoken profile name to match spec, scitoken:2.0 -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Derek Weitzel <dweitzel@xxxxxxx> - 0.6.0-2 - Add back paren patch * Tue Mar 9 2021 Derek Weitzel <dweitzel@xxxxxxx> - 0.6.0-1 - Fix compilation errors on c++11 - Update to jwt-cpp-0.4.0 vendor - Change scitoken profile name to match spec, scitoken:2.0 * Wed Jan 27 2021 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ slapi-nis-0.56.7-1.fc33 (FEDORA-2021-a4ee3426c4) NIS Server and Schema Compatibility plugins for Directory Server -------------------------------------------------------------------------------- Update Information: CVE-2021-3480: invalid BIND DN crash -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 0.56.7-1 - CVE-2021-3480: invalid bind DN crash - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1961157 - CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1961157 -------------------------------------------------------------------------------- ================================================================================ upx-3.96-9.fc33 (FEDORA-2021-ceb9db8de0) Ultimate Packer for eXecutables -------------------------------------------------------------------------------- Update Information: Patch for CVE-2020-24119. -------------------------------------------------------------------------------- ChangeLog: * Tue May 18 2021 Gwyn Ciesla <gwync@xxxxxxxxxxxxxx> - 3.96-9 - Patch for CVE-2020-24119 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1961592 - CVE-2020-24119 upx: heap buffer overflow in p_lx_elf.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1961592 -------------------------------------------------------------------------------- ================================================================================ xrestrict-0.8.0-2.20160730git35a944a.fc33 (FEDORA-2021-a0ad5792da) A utility to modify the "Coordinate Transformation Matrix" of an XInput2 device -------------------------------------------------------------------------------- Update Information: A utility to modify the "Coordinate Transformation Matrix" of an XInput2 device. The typical application is restricting graphical tablet drawing area to a single monitor in multi-monitor set-ups. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1940900 - Review Request: xrestrict - A utility to modify the "Coordinate Transformation Matrix" of an XInput2 device https://bugzilla.redhat.com/show_bug.cgi?id=1940900 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
