The following Fedora 35 Security updates need testing: Age URL 80 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9 libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35 72 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e8b1324ec8 plantuml-1.2022.2-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c07546070d moby-engine-20.10.14-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cff7016d31 zchunk-1.2.2-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-db16b42897 gh-2.8.0-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3759ebabd2 git-2.35.3-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3a63897745 bettercap-2.28-9.fc35 chisel-1.7.7-2.fc35 commit-stream-0.1.2-6.fc35 containerd-1.6.2-2.fc35 doctl-1.73.0-2.fc35 gh-2.7.0-2.fc35 gobuster-3.1.0-2.fc35 golang-contrib-opencensus-resource-0.1.2-6.fc35 golang-gioui-0-7.20201225git18d4dbf.fc35 golang-github-appc-docker2aci-0.17.2-8.fc35 golang-github-appc-goaci-0.1.1-10.fc35 golang-github-appc-spec-0.8.11-13.fc35 golang-github-containerd-continuity-0.2.2-2.fc35 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc35 golang-github-coredns-corefile-migration-1.0.11-5.fc35 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc35 golang-github-francoispqt-gojay-1.2.13-6.fc35 golang-github-gogo-googleapis-1.4.1-3.fc35 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc35 golang-github-googleapis-gnostic-0.5.3-5.fc35 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc35 golang-github-grpc-e cosystem-gateway-2-2.7.3-3.fc35 golang-github-haproxytech-client-native-2.5.3-2.fc35 golang-github-haproxytech-dataplaneapi-2.4.4-3.fc35 golang-github-instrumenta-kubeval-0.15.0-7.fc35 golang-github-intel-goresctrl-0.2.0-4.fc35 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc35 golang-github-pact-foundation-1.5.1-5.fc35 golang-github-prometheus-2.32.1-4.fc35 golang-github-prometheus-alertmanager-0.23.0-8.fc35 golang-github-prometheus-node-exporter-1.3.1-7.fc35 golang-github-redteampentesting-monsoon-0.6.0-5.fc35 golang-github-spf13-cobra-1.4.0-2.fc35 golang-github-theupdateframework-notary-0.7.0-4.fc35 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35 golang-gopkg-src-d-git-4-4.13.1-7.fc35 golang-k8s-apiextensions-apiserver-1.22.0-5.fc35 golang-k8s-code-generator-1.22.0-3.fc35 golang-k8s-kube-aggregator-1.22.0-3.fc35 golang-k8s-sample-apiserver-1.22.0-4.fc35 golang-k8s-sample-controller-1.22.0-3.fc35 golang-mongodb-mongo-driver-1.4.5-5.fc35 golang-storj-drpc-0.0. 16-5.fc35 golang-x-perf-0-0.14.20210123gitbdcc622.fc35 gopass-1.13.1-2.fc35 grpcurl-1.8.6-2.fc35 onionscan-0.2-6.fc35 shellz-1.5.0-6.fc35 shhgit-0.2-6.fc35 snowcrash-0-0.6.20201119git49b99ad.fc35 xq-0.0.7-3.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fe84314a8e stb-0^20210910gitaf1a5bc-0.2.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8cf0124add ruby-3.0.4-152.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c87047f163 podman-3.4.7-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ad26447c98 epiphany-41.4-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-61f6ee6353 usd-21.11-11.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-f6e24d96b6 esh-0.3.2-1.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-bc606b86f4 CuraEngine-4.13.1-2.fc35 The following Fedora 35 Critical Path updates have yet to be approved: Age URL 34 https://bodhi.fedoraproject.org/updates/FEDORA-2022-925ac7bfff gnome-shell-41.5-1.fc35 mutter-41.5-1.fc35 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-59b61235bf binutils-2.37-17.fc35 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-20c77a3dce mtools-4.0.39-1.fc35 10 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7c355d4e9b fwupd-efi-1.3-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-17ba61ca06 libguestfs-1.48.1-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c5bee6b70f container-selinux-2.181.0-2.fc35 flatpak-1.12.7-2.fc35 osbuild-54-2.fc35 selinux-policy-35.17-1.fc35 snapd-2.55.3-2.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3759ebabd2 git-2.35.3-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cff7016d31 zchunk-1.2.2-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fff31008f6 langtable-0.0.58-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fd04a43eb1 rtkit-0.11-30.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-15778e49e1 libhandy-1.4.1-1.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-193031a230 livecd-tools-29.0-1.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-54bb9337da annobin-10.66-2.fc35 gcc-11.3.1-2.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-13c66e33b1 inih-55-1.fc35 The following builds have been pushed to Fedora 35 updates-testing ansible-bender-0.9.0-6.fc35 chromium-100.0.4896.127-1.fc35 claws-mail-4.1.0-1.fc35 dotnet3.1-3.1.418-1.fc35 golang-github-pelletier-toml-2-2.0.0~beta.8-3.fc35 python-dmidecode-3.12.2-27.20210630gitf0a089a1.fc35 rust-nix0.22-0.22.3-1.fc35 Details about builds: ================================================================================ ansible-bender-0.9.0-6.fc35 (FEDORA-2022-79d05fbc34) Build container images using Ansible playbooks -------------------------------------------------------------------------------- Update Information: Allow users to choose between ansible and ansible-core -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 24 2022 Gordon Messmer <gordon.messmer@xxxxxxxxx> - 0.9.0-6 - Suggest ansible-core - Use %pytest macro * Tue Feb 22 2022 Maxwell G <gotmax@e.email> - 0.9.0-5 - Allow users to choose between ansible and ansible-core. - Switch BR to ansible-core. * Wed Jan 19 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.9.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ chromium-100.0.4896.127-1.fc35 (FEDORA-2022-0f14e2308e) A WebKit (Blink) powered web browser that Google doesn't want you to use -------------------------------------------------------------------------------- Update Information: 100 Chromium releases! Of course, at the rate they release now, we'll probably be at 150 before the end of the year. Anyway, here's the update. Fixes: CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 21 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.127-1 - update to 100.0.4896.127 * Tue Apr 5 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.75-1 - update to 100.0.4896.75 * Sat Apr 2 2022 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 100.0.4896.60-1 - update to 100.0.4896.60 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2071876 - CVE-2022-1232 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2071876 [ 2 ] Bug #2074371 - CVE-2022-1305 chromium-browser: Use after free in storage https://bugzilla.redhat.com/show_bug.cgi?id=2074371 [ 3 ] Bug #2074372 - CVE-2022-1306 chromium-browser: Inappropriate implementation in compositing https://bugzilla.redhat.com/show_bug.cgi?id=2074372 [ 4 ] Bug #2074373 - CVE-2022-1307 chromium-browser: Inappropriate implementation in full screen https://bugzilla.redhat.com/show_bug.cgi?id=2074373 [ 5 ] Bug #2074374 - CVE-2022-1308 chromium-browser: Use after free in BFCache https://bugzilla.redhat.com/show_bug.cgi?id=2074374 [ 6 ] Bug #2074375 - CVE-2022-1309 chromium-browser: Insufficient policy enforcement in developer tools https://bugzilla.redhat.com/show_bug.cgi?id=2074375 [ 7 ] Bug #2074376 - CVE-2022-1310 chromium-browser: Use after free in regular expressions https://bugzilla.redhat.com/show_bug.cgi?id=2074376 [ 8 ] Bug #2074377 - CVE-2022-1311 chromium-browser: Use after free in Chrome OS shell https://bugzilla.redhat.com/show_bug.cgi?id=2074377 [ 9 ] Bug #2074378 - CVE-2022-1312 chromium-browser: Use after free in storage https://bugzilla.redhat.com/show_bug.cgi?id=2074378 [ 10 ] Bug #2074379 - CVE-2022-1313 chromium-browser: Use after free in tab groups https://bugzilla.redhat.com/show_bug.cgi?id=2074379 [ 11 ] Bug #2074380 - CVE-2022-1314 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2074380 [ 12 ] Bug #2076274 - CVE-2022-1364 Chromium-browser: Type Confusion in V8. https://bugzilla.redhat.com/show_bug.cgi?id=2076274 -------------------------------------------------------------------------------- ================================================================================ claws-mail-4.1.0-1.fc35 (FEDORA-2022-9440b7cecd) Email client and news reader based on GTK+ -------------------------------------------------------------------------------- Update Information: Update from 3.18.0 to 3.19.0 for Fedora 34. Update from 4.0.0 to 4.1.0 for Fedora 35/36. https://www.claws-mail.org/news.php -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 23 2022 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 4.1.0-1 - Update to 4.1.0. - New keyword_warner plugin. - pdf_viewer patch not needed anymore. * Wed Jan 19 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.0.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ dotnet3.1-3.1.418-1.fc35 (FEDORA-2022-bbb0fe5bd5) .NET Core Runtime and SDK -------------------------------------------------------------------------------- Update Information: # Update to .NET Core SDK 3.1.418 and Runtime3.1.24 .NET Core SDK 3.1.418 and Runtime 3.1.24 were recently released by Microsoft: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.24/3.1.24.md This is a bugfix release that updates the version in Fedora to the upstream release. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 21 2022 Omair Majid <omajid@xxxxxxxxxx> - 3.1.418-1 - Update to .NET SDK 3.1.418 and Runtime 3.1.24 -------------------------------------------------------------------------------- ================================================================================ golang-github-pelletier-toml-2-2.0.0~beta.8-3.fc35 (FEDORA-2022-49648ecde5) Go library for the TOML file format -------------------------------------------------------------------------------- Update Information: Backport patch that fixes test on i686 -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 24 2022 W. Michael Petullo <mike@xxxxxxxx> 2.0.0~beta.8-3 - Backport patch that fixes test on i686 * Sun Apr 24 2022 W. Michael Petullo <mike@xxxxxxxx> 2.0.0~beta.8-2 - Deactivate a test that fail on i686 (see https://github.com/pelletier/go- toml/issues/760) * Tue Apr 19 2022 W. Michael Petullo <mike@xxxxxxxx> 2.0.0~beta.8-1 - Initial import (fedora#2031226) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2031226 - Review Request: golang-github-pelletier-toml-2 - Go library for the toml language https://bugzilla.redhat.com/show_bug.cgi?id=2031226 -------------------------------------------------------------------------------- ================================================================================ python-dmidecode-3.12.2-27.20210630gitf0a089a1.fc35 (FEDORA-2022-9e11cd4a62) Python module to access DMI data -------------------------------------------------------------------------------- Update Information: - Build commit #f0a089a1 (include covscan error fixes) -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 24 2022 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> - 3.12.2-27.20210630gitf0a089a1 - Build commit #f0a089a1 (include covscan error fixes) * Fri Jan 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.12.2-26 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rust-nix0.22-0.22.3-1.fc35 (FEDORA-2022-78b96849bc) Rust friendly bindings to *nix APIs -------------------------------------------------------------------------------- Update Information: Update the package for nix crate versions 0.22.x to version 0.22.3. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 24 2022 Fabio Valentini <decathorpe@xxxxxxxxx> 0.22.3-1 - Update to version 0.22.3 * Fri Jan 21 2022 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> 0.22.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
