The following Fedora 32 Security updates need testing: Age URL 43 https://bodhi.fedoraproject.org/updates/FEDORA-2020-eb942ee0db libuv-1.39.0-1.fc32 nodejs-12.18.4-1.fc32 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-495c14a23f fastd-21-1.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c2f330b5a arpwatch-2.1a15-48.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ebabb6bf76 blueman-2.1.4-1.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f9ee82bc5 community-mysql-8.0.22-1.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d67cc48dce pngcheck-2.3.0-3.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-127d40f1ab chromium-86.0.4240.111-1.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4ee7c84cd7 thunderbird-78.4.0-1.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ded2298c25 xen-4.13.1-8.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-58b619cf00 samba-4.12.9-0.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-920a258c79 kernel-5.8.17-200.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3bc238618e wordpress-5.5.2-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved: Age URL 120 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ebbe0f7b25 cpio-2.13-6.fc32 23 https://bodhi.fedoraproject.org/updates/FEDORA-2020-95b9c09df2 binutils-2.34-6.fc32 16 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a27b8aedcd fedora-repos-32-10 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-da3401a3ce enchant2-2.2.12-1.fc32 mingw-enchant2-2.2.12-1.fc32 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f9ada0f4f8 pcre-8.44-2.fc32 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b591d7878e linux-firmware-20201022-113.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-57f9e6e50e koji-1.23.0-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-62a75b137f webkit2gtk3-2.30.2-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9a96a4b085 nfs-utils-2.5.2-0.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-63f76b0bb8 libteam-1.31-2.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3233cba37a fwupd-1.5.0-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-082fed0894 pam-1.3.1-27.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-efbdd95dca pcre2-10.35-8.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-920a258c79 kernel-5.8.17-200.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4ee7c84cd7 thunderbird-78.4.0-1.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e38f0e9350 mtools-4.0.25-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4458232d79 libbluray-1.2.1-2.fc32
The following builds have been pushed to Fedora 32 updates-testing
R-generics-0.1.0-1.fc32 R-tufte-0.8-1.fc32 R-xfun-0.19-1.fc32 bpytop-1.0.47-1.fc32 conda-4.9.1-1.fc32 elementary-planner-2.5.7-1.fc32 gnome-shell-extension-material-shell-9-1.fc32 iputils-20200821-1.fc32 libntlm-1.6-1.fc32 libpasastro-1.4.0-1.fc32 libtpms-0.7.4-0.20201031git2452a24dab.fc32 mlpack-3.4.2-1.fc32 nss-3.58.0-3.fc32 pipewire-0.3.14-1.fc32 preproc-rpmspec-1.1-1.fc32 psi-plus-1.4.1529-1.fc32 python-conda-package-handling-1.7.2-1.fc32 python-freeipa-1.0.7-1.fc32 rpkg-macros-1.0-1.fc32 usrsctp-1.0.0-0.1.20201017gitf4925bd.fc32
Details about builds:
================================================================================ R-generics-0.1.0-1.fc32 (FEDORA-2020-6afc03e410) Common S3 Generics not Provided by Base R Methods Related to Model Fitting -------------------------------------------------------------------------------- Update Information:
Update to latest version; change to MIT license -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.1.0-1 - Update to latest version (#1893416) * Mon Jul 27 2020 Fedora Release Engineering releng@fedoraproject.org - 0.0.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1893416 - R-generics-0.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893416 --------------------------------------------------------------------------------
================================================================================ R-tufte-0.8-1.fc32 (FEDORA-2020-5bfaad7e0f) Tufte's Styles for R Markdown Documents -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.8-1 - Update to latest version (#1893380) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1893380 - R-tufte-0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893380 --------------------------------------------------------------------------------
================================================================================ R-xfun-0.19-1.fc32 (FEDORA-2020-437d1bbbc8) Miscellaneous Functions by 'Yihui Xie' -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.19-1 - Update to latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1893376 - R-xfun-0.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893376 --------------------------------------------------------------------------------
================================================================================ bpytop-1.0.47-1.fc32 (FEDORA-2020-1e4ccc5f59) Linux/OSX/FreeBSD resource monitor -------------------------------------------------------------------------------- Update Information:
Update to 1.0.47 -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Artem Polishchuk ego.cordatus@gmail.com - 1.0.47-1 - build(update): 1.0.47 * Sun Oct 25 2020 Artem Polishchuk ego.cordatus@gmail.com - 1.0.45-1 - build(update): 1.0.45 --------------------------------------------------------------------------------
================================================================================ conda-4.9.1-1.fc32 (FEDORA-2020-5ab047bec2) Cross-platform, Python-agnostic binary package manager -------------------------------------------------------------------------------- Update Information:
Update to conda 4.9.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 27 2020 Orion Poplawski orion@nwra.com - 4.9.1-1 - Update to 4.9.1 * Sun Oct 18 2020 Orion Poplawski orion@nwra.com - 4.9.0-1 - Update to 4.9.0 * Mon Sep 21 2020 Orion Poplawski orion@nwra.com - 4.8.5-2 - Add note to description about base environment * Mon Sep 14 2020 Orion Poplawski orion@nwra.com - 4.8.5-1 - Update to 4.8.5 - Install conda.fish (bz#1878306) * Sat Aug 8 2020 Orion Poplawski orion@nwra.com - 4.8.4-1 - Update to 4.8.4 * Sat Aug 1 2020 Fedora Release Engineering releng@fedoraproject.org - 4.8.3-4 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering releng@fedoraproject.org - 4.8.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue May 26 2020 Miro Hron��ok mhroncok@redhat.com - 4.8.3-2 - Rebuilt for Python 3.9 * Sun Mar 15 2020 Orion Poplawski orion@nwra.com - 4.8.3-1 - Update to 4.8.3 * Tue Feb 4 2020 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 4.8.2-2 - Fix import for python3.9 compatiblity (#1797691) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1832396 - python-conda-package-handling-1.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1832396 [ 2 ] Bug #1888457 - conda-4.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1888457 --------------------------------------------------------------------------------
================================================================================ elementary-planner-2.5.7-1.fc32 (FEDORA-2020-6309e90a1f) Task manager with Todoist support designed for GNU/Linux -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 27 2020 Artem Polishchuk ego.cordatus@gmail.com - 2.5.7-1 - build(update): 2.5.7 --------------------------------------------------------------------------------
================================================================================ gnome-shell-extension-material-shell-9-1.fc32 (FEDORA-2020-067bf27af9) Modern desktop interface for Linux -------------------------------------------------------------------------------- Update Information:
Update to 9 -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Artem Polishchuk ego.cordatus@gmail.com - 9-1 - build(update): 9 --------------------------------------------------------------------------------
================================================================================ iputils-20200821-1.fc32 (FEDORA-2020-e049168198) Network monitoring tools including ping -------------------------------------------------------------------------------- Update Information:
Update to 20200821 upstream bugfix release. -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Kevin Fenzi kevin@scrye.com - 20200821-1 - Update to 20200821 release. Fixes bug #1871310 * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 20190515-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1836607 - arping exits with error when should not https://bugzilla.redhat.com/show_bug.cgi?id=1836607 [ 2 ] Bug #1842779 - ping6 does not support -F flowlabel option https://bugzilla.redhat.com/show_bug.cgi?id=1842779 [ 3 ] Bug #1871310 - iputils-20200821 is available https://bugzilla.redhat.com/show_bug.cgi?id=1871310 --------------------------------------------------------------------------------
================================================================================ libntlm-1.6-1.fc32 (FEDORA-2020-1f643c272c) NTLMv1 authentication library -------------------------------------------------------------------------------- Update Information:
Update to security fix 1.6 version. Fixes CVE-2019-17455 -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Kevin Fenzi kevin@scrye.com - 1.6-1 - Update to 1.6. Fixes CVE-2019-17455 * Sat Aug 1 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5-4 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1768464 - CVE-2019-17455 libntlm: stack-based buffer overflow in buildSmbNtlmAuthRequest in smbutil.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1768464 [ 2 ] Bug #1825591 - libntlm-1.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1825591 --------------------------------------------------------------------------------
================================================================================ libpasastro-1.4.0-1.fc32 (FEDORA-2020-9b29d3c715) Pascal interface for standard astronomy libraries -------------------------------------------------------------------------------- Update Information:
Update to 1.4.0 The major upstream change of this new version was the inclusion of the new `libpasspice` which uses JPL's NAIF/Spice toolkit to compute satellite positions. Due to the unclear license, such code is currently **completely removed** from Fedora package. See discussion on [legal mailing lis t](https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org/... essage/64AXCFHYUT4A4G6OP5KVJQKXNT5FEZNV/) -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Mattia Verga mattia.verga@protonmail.com - 1.4.0-1 - Update to 1.4.0 * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1893074 - libpasastro-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893074 --------------------------------------------------------------------------------
================================================================================ libtpms-0.7.4-0.20201031git2452a24dab.fc32 (FEDORA-2020-95f6a3250a) Library providing Trusted Platform Module (TPM) functionality -------------------------------------------------------------------------------- Update Information:
Follow stable-0.7.0 branch to v0.7.4 with security-related fixes -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Stefan Berger stefanb@linux.ibm.com - 0.7.4-0.20201031git2452a24dab - Follow stable-0.7.0 branch to v0.7.4 with security-related fixes --------------------------------------------------------------------------------
================================================================================ mlpack-3.4.2-1.fc32 (FEDORA-2020-aa153c5fd2) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information:
Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 28 2020 Ryan Curtin ryan@ratml.org - 3.4.2-1 - Update to latest stable version. --------------------------------------------------------------------------------
================================================================================ nss-3.58.0-3.fc32 (FEDORA-2020-bb91bf9b8e) Network Security Services -------------------------------------------------------------------------------- Update Information:
Updates the nss package to upstream NSS 3.58 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes - https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 26 2020 Daiki Ueno dueno@redhat.com - 3.58.0-3 - Revert the last change, always tolerate the first CCS in TLS 1.3 * Thu Oct 22 2020 Daiki Ueno dueno@redhat.com - 3.58.0-2 - Enable TLS 1.3 middlebox compatibility mode by default * Tue Oct 20 2020 Daiki Ueno dueno@redhat.com - 3.58.0-1 - Update to NSS 3.58 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1887319 - CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack https://bugzilla.redhat.com/show_bug.cgi?id=1887319 --------------------------------------------------------------------------------
================================================================================ pipewire-0.3.14-1.fc32 (FEDORA-2020-f705313d23) Media Sharing Server -------------------------------------------------------------------------------- Update Information:
Update to 0.3.14 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 30 2020 Wim Taymans wtaymans@redhat.com - 0.3.14-1 - Update to 0.3.14 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1827698 - [abrt] pipewire: spa_list_remove(): pipewire-media-session killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1827698 [ 2 ] Bug #1833797 - [abrt] pipewire: alsa_on_timeout_event(): pipewire killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1833797 [ 3 ] Bug #1884847 - [abrt] pipewire: spa_hook_list_append(): pipewire-media-session killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1884847 --------------------------------------------------------------------------------
================================================================================ preproc-rpmspec-1.1-1.fc32 (FEDORA-2020-4da15ba22c) Minimalistic tool for rpm spec-file preprocessing -------------------------------------------------------------------------------- Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update allowed per https://pagure.io/fesco/issue/2488. preproc-rpmspec was only changed to require rpkg-macros >= 1.0. More significant changes are in rpkg- macros: - fix version check in git_pack - rpm-git-tag-sort is also required during build for tests - add man pages for rpkg-macros, redirect there from MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in git_merged_tag_refs - fix version parsing from the latest tag, package name may contain dashes! - implement support for multiple Sources at once - use rpm- git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules - fix git_head for detached head state - in git_bumped_version, lead must be numeric and greater than zero to output follow as zero + small code tweak in git_version_generic - remove now unused git_bumped_release, set "" as default for lead in git_bumped_version - make lead="" the only special case, otherwise lead is lead - unify code and params for git_release and git_version - code cleanup -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 8 2020 Michal Novotn�� michal.novotny@comprimato.com 1.1-1 - set lead to empty * Mon Oct 5 2020 Michal Novotn�� michal.novotny@comprimato.com 1.0-1 - Require rpkg-macros >= 1.0 --------------------------------------------------------------------------------
================================================================================ psi-plus-1.4.1529-1.fc32 (FEDORA-2020-bcb5ace124) Jabber client based on Qt -------------------------------------------------------------------------------- Update Information:
Updated to version 1.4.1529. -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 31 2020 Vitaly Zaitsev vitaly@easycoding.org - 1:1.4.1529-1 - Updated to version 1.4.1529. * Sat Oct 31 2020 Vitaly Zaitsev vitaly@easycoding.org - 1:1.4.1526-1 - Updated to version 1.4.1526. * Fri Oct 30 2020 Vitaly Zaitsev vitaly@easycoding.org - 1:1.4.1523-1 - Updated to version 1.4.1523. --------------------------------------------------------------------------------
================================================================================ python-conda-package-handling-1.7.2-1.fc32 (FEDORA-2020-5ab047bec2) Create and extract conda packages of various formats -------------------------------------------------------------------------------- Update Information:
Update to conda 4.9.1 -------------------------------------------------------------------------------- ChangeLog:
* Sun Oct 18 2020 Orion Poplawski orion@nwra.com - 1.7.2-1 - Update to 1.7.2 * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jun 24 2020 Orion Poplawski orion@nwra.com - 1.7.0-3 - Add BR on python-setuptools * Tue May 26 2020 Miro Hron��ok mhroncok@redhat.com - 1.7.0-2 - Rebuilt for Python 3.9 * Thu May 7 2020 Orion Poplawski orion@nwra.com - 1.7.0-1 - Update to 1.7.0 * Thu May 7 2020 Orion Poplawski orion@nwra.com - 1.6.1-1 - Update to 1.6.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1832396 - python-conda-package-handling-1.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1832396 [ 2 ] Bug #1888457 - conda-4.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1888457 --------------------------------------------------------------------------------
================================================================================ python-freeipa-1.0.7-1.fc32 (FEDORA-2020-9f83f179e6) Lightweight FreeIPA client -------------------------------------------------------------------------------- Update Information:
Bugfix update to 1.0.7 -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 30 2020 Neal Gompa ngompa13@gmail.com - 1.0.7-1 - Update to 1.0.7 (#1893204) * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1893204 - python-freeipa-1.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1893204 --------------------------------------------------------------------------------
================================================================================ rpkg-macros-1.0-1.fc32 (FEDORA-2020-4da15ba22c) Set of preproc macros for rpkg utility -------------------------------------------------------------------------------- Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update allowed per https://pagure.io/fesco/issue/2488. preproc-rpmspec was only changed to require rpkg-macros >= 1.0. More significant changes are in rpkg- macros: - fix version check in git_pack - rpm-git-tag-sort is also required during build for tests - add man pages for rpkg-macros, redirect there from MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in git_merged_tag_refs - fix version parsing from the latest tag, package name may contain dashes! - implement support for multiple Sources at once - use rpm- git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules - fix git_head for detached head state - in git_bumped_version, lead must be numeric and greater than zero to output follow as zero + small code tweak in git_version_generic - remove now unused git_bumped_release, set "" as default for lead in git_bumped_version - make lead="" the only special case, otherwise lead is lead - unify code and params for git_release and git_version - code cleanup -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 5 2020 clime clime@fedoraproject.org 1.0-1 - fix version check in git_pack - rpm-git-tag-sort is also required during build for tests - add man pages for rpkg-macros, redirect there from MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in git_merged_tag_refs - fix version parsing from the latest tag, package name may contain dashes! - implement support for multiple Sources at once - use rpm-git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules - fix git_head for detached head state - in git_bumped_version, lead must be numeric and greater than zero to output follow as zero + small code tweak in git_version_generic - remove now unused git_bumped_release, set "" as default for lead in git_bumped_version - make lead="" the only special case, otherwise lead is lead - unify code and params for git_release and git_version - code cleanup --------------------------------------------------------------------------------
================================================================================ usrsctp-1.0.0-0.1.20201017gitf4925bd.fc32 (FEDORA-2020-bcb5ace124) Portable SCTP userland stack -------------------------------------------------------------------------------- Update Information:
Updated to version 1.4.1529. -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------