The following Fedora 32 Security updates need testing: Age URL 15 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d242130019 weechat-2.7.1-1.fc32 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-0e42878ba7 tomcat-9.0.31-2.fc32 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-07624ddb99 java-11-openjdk-11.0.6.10-0.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9aac6c76c4 php-7.4.4-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2136b020f2 python-twisted-19.10.0-2.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b90085f8d python-nltk-3.4.5-2.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e9741a6a15 PyYAML-5.3.1-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-17149a4f3d chromium-80.0.3987.149-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-51d591d035 cyrus-sasl-2.1.27-4.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d09f0ce68d tor-0.4.2.7-1.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ef1ff20b59 dcraw-9.28.0-9.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8d5de93970 ckeditor-4.14.0-1.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-acab8520f6 light-1.2.2-1.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b5b3b465d libmodsecurity-3.0.3-6.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-dcde488e68 okular-19.12.3-2.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e62856911b drupal8-8.8.4-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6efa0fc869 coturn-4.5.1.1-3.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-42e79d74f1 java-1.8.0-openjdk-1.8.0.242.b08-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved: Age URL 21 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2b538f8cb6 proj-6.3.1-3.fc32 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-542e0e6cf6 supermin-5.2.0-1.fc32 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c935e9d64c libxslt-1.1.34-1.fc32 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6c696fa7da gimp-focusblur-plugin-3.2.6-11.fc32 gimp-lqr-plugin-0.7.2-15.fc32 gimp-separate+-0.5.8-26.fc32 ibutils-1.5.7-33.fc32 powerpc-utils-1.3.7-4.fc32 ratbox-services-1.2.4-7.fc32 rdkit-2019.03.3-6.fc32 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-23cca36701 pipewire-0.3.1-1.fc32 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-562857839c ModemManager-1.12.6-1.fc32 libmbim-1.22.0-1.fc32 libqmi-1.24.6-1.fc32 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ce9cd3ba08 libguestfs-1.42.0-2.fc32 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5cb807fa40 perl-Encode-3.04-443.fc32 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-bf6c2a3932 libevdev-1.9.0-1.fc32 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-430dea9c94 libwpe-1.6.0-1.fc32 wpebackend-fdo-1.6.0-1.fc32 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6825482b97 audit-3.0-0.19.20191104git1c2f876.fc32 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d0986e01cd pam-1.3.1-24.fc32 selinux-policy-3.14.5-30.fc32 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f215552cfc dtc-1.6.0-1.fc32 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-94d54c93b7 pungi-4.2.1-2.fc32 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-32a1318d79 thunderbird-68.6.0-1.fc32 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f46dea837d pcre2-10.34-8.fc32 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c7a820c8ab dracut-050-26.git20200316.fc32 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d708f52a27 perl-Pod-Usage-1.70-1.fc32 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3d60e57f97 ostree-2020.3-2.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-323258e6d3 libslirp-4.2.0-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d740facd14 git-2.26.0-0.3.rc2.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9f8d3d996d authselect-1.2-1.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-51d591d035 cyrus-sasl-2.1.27-4.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7cff22b0c gnome-control-center-3.36.0-3.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4e7f86bb96 coreutils-8.32-3.fc32.1 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ca2d9dda2d selinux-policy-3.14.5-31.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-686c838281 util-linux-2.35.1-6.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-af976581e2 libreport-2.12.0-3.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e5f4059044 lorax-32.8-1.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-dc1166c81b fuse3-3.9.1-1.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-824e6b5a92 xdg-desktop-portal-1.7.0-1.fc32 xdg-desktop-portal-gtk-1.7.0-1.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5bd57c239b gnome-remote-desktop-0.1.8-1.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d984f61022 vte291-0.60.0-2.fc32 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e2faabcf51 fedora-release-32-0.8 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b41760de92 pcmanfm-1.3.1-3.D20190224gitc52cc4b2.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b19cfcde49 gdisk-1.0.5-1.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-eca7201a3b lxsession-0.5.5-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d798a0dae2 gnome-session-3.36.0-2.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f77d0f63a qt5-qtbase-5.13.2-4.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d73f5db86c kexec-tools-2.0.20-11.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d85dcb2efc dnsmasq-2.80-14.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a84ba2b0ea shadow-utils-4.8.1-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-29908b16d2 iio-sensor-proxy-3.0-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6808aded96 pulseaudio-13.99.1-2.fc32
The following builds have been pushed to Fedora 32 updates-testing
fedora-easy-karma-0-0.43.20191206git56f1e97.fc32 fixedptc-0-6.20200228hgb8acfec.fc32 fonttools-4.5.0-1.fc32 gd-2.3.0-1.fc32 kitty-0.17.1-2.fc32 librealsense-2.31.0-3.fc32 libreoffice-6.4.1.2-4.fc32 libvirt-6.1.0-2.fc32 mailman3-3.2.2-1.fc32 mirrorlist-server-2.1.0-1.fc32 ndctl-68-1.fc32 pam_wrapper-1.1.2-1.fc32 perl-DBD-Pg-3.10.5-1.fc32 perl-IPC-System-Simple-1.30-1.fc32 php-PsrLog-1.1.3-1.fc32 phpMyAdmin-5.0.2-2.fc32 python-ailment-8.20.1.7-1.fc32 python-aiorestapi-0.1.1-1.fc32 python-archinfo-8.20.1.7-1.fc32 python-docker-4.2.0-1.fc32 python-pyscf-1.7.1-1.fc32 python-pytest-subtests-0.3.0-1.fc32 resolv_wrapper-1.1.6-1.fc32 restview-2.9.2-1.fc32 rpkg-1.60-1.fc32 socket_wrapper-1.2.4-1.fc32 solaar-1.0.2-0.1.rc1.20200322git563ef0d.fc32 urh-2.8.5-1.fc32 util-linux-2.35.1-7.fc32 vala-0.48.2-1.fc32 variety-0.8.4-0.1.git8b8bb63.fc32 wine-dxvk-1.6-1.fc32 wxMaxima-20.03.1-1.fc32 xscreensaver-5.44-1.fc32 yamllint-1.21.0-1.fc32
Details about builds:
================================================================================ fedora-easy-karma-0-0.43.20191206git56f1e97.fc32 (FEDORA-2020-05f8e750df) Fedora update feedback made easy -------------------------------------------------------------------------------- Update Information:
- Proper Bodhi 4 Support - Legacy code cleanup (drop yum, py2 and old bodhi support) -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Frantisek Zatloukal fzatlouk@redhat.com - 0-0.43.20191206git56f1e97 - Proper Bodhi 4 Support - Legacy code cleanup (drop yum, py2 and old bodhi support) --------------------------------------------------------------------------------
================================================================================ fixedptc-0-6.20200228hgb8acfec.fc32 (FEDORA-2020-c5a68c90e4) Fixed point math header only library for C -------------------------------------------------------------------------------- Update Information:
Fixed point math header only library for C -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1809261 - Review Request: fixedptc - Fixed point math header only library for C https://bugzilla.redhat.com/show_bug.cgi?id=1809261 --------------------------------------------------------------------------------
================================================================================ fonttools-4.5.0-1.fc32 (FEDORA-2020-973876fd7e) Tools to manipulate font files -------------------------------------------------------------------------------- Update Information:
Update to 4.5.0 version (#1815641) -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 21 2020 Parag Nemade <pnemade AT redhat DOT com> - 4.5.0-1 - Update to 4.5.0 version (#1815641) * Mon Mar 16 2020 Parag Nemade <pnemade AT redhat DOT com> - 4.4.3-1 - Update to 4.4.3 version (#1813103) * Thu Feb 27 2020 Parag Nemade <pnemade AT redhat DOT com> - 4.4.1-1 - Update to 4.4.1 version (#1804509) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1815641 - None https://bugzilla.redhat.com/show_bug.cgi?id=1815641 --------------------------------------------------------------------------------
================================================================================ gd-2.3.0-1.fc32 (FEDORA-2020-e795f92d79) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information:
**Version 2.3.0** - 2020-03-22 **Security** - Potential double-free in gdImage*Ptr(). (CVE-2019-6978) - gdImageColorMatch() out of bounds write on heap. (CVE-2019-6977) - Uninitialized read in gdImageCreateFromXbm(). (CVE-2019-11038) - Double-free in gdImageBmp. (CVE-2018-1000222) - Potential NULL pointer dereference in gdImageClone(). (CVE-2018-14553) - Potential infinite loop in gdImageCreateFromGifCtx(). (CVE-2018-5711) **Fixed** * Fix #597: add codecov support - Fix #596: gdTransformAffineCopy run error - Fix #589: Install dependencies move to .travis.yml - Fix #586: gdTransformAffineCopy() segfaults on palette images - Fix #585: gdTransformAffineCopy() changes interpolation method - Fix #584: gdImageSetInterpolationMethod(im, GD_DEFAULT) inconsistent - Fix #583: gdTransformAffineCopy() may use unitialized values - Fix #533: Remove cmake modules - Fix #539: Add RAQM support for cmake - Fix #499: gdImageGifAnimAddPtr: heap corruption with 2 identical images - Fix #486: gdImageCropAuto(���, GD_CROP_SIDES) crops left but not right - Fix #485: auto cropping has insufficient precision - Fix #479: Provide a suitable malloc function to liq - Fix #474: libtiff link returns 404 HTTP code - Fix #450: Failed to open 1 bit per pixel bitmap - Fix #440: new_width & new_height exception handling - Fix #432: gdImageCrop neglecting transparency - Fix #420: Potential infinite loop in gdImageCreateFromGifCtx - Fix #411: gd_gd.c format documentation appears to be incorrect - Fix #369: Fix new_a init error in gdImageConvolution() - Fix #351: gdImageFilledArc() doesn't properly draw pies - Fix #338: Fatal and normal libjpeg/libpng errors not distinguishable - Fix #169: Update var type to hold bigger w&h for ellipse - Fix #164: update doc files install directory in CMakeLists.txt - Correct some test depend errors - Update cmake min version to 3.7 - Delete libimagequant source code download action in CMakeLists.txt - Improve msys support - Fix some logic error in CMakeLists.txt - Remove the following macro: HAVE_STDLIB_H, HAVE_STRING_H, HAVE_STDDEF_H, HAVE_LIMITS_H, HAVE_ERRNO_H, AC_C_CONST ----- **Notice:** * fix for CVE-2018-5711, CVE-2018-1000222, CVE-2019-6977, CVE-2019-6978, and CVE-2018-14553 were already applied in previous packages. * gdlib-config command have been dropped -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Remi Collet remi@remirepo.net - 2.3.0-1 - update to 2.3.0 - add dependency on libraqm - remove gdlib-config --------------------------------------------------------------------------------
================================================================================ kitty-0.17.1-2.fc32 (FEDORA-2020-41338edb8c) Cross-platform, fast, feature full, GPU based terminal emulator -------------------------------------------------------------------------------- Update Information:
Update to latest version ---- Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Artem Polishchuk ego.cordatus@gmail.com - 0.17.1-2 - Drop sedding build flags. Not needed anymore. - Fix build step as upstream recommended - Do not exclude ppc64le arch anymore * Tue Mar 24 2020 Artem Polishchuk ego.cordatus@gmail.com - 0.17.1-1 - Update to 0.17.1 * Tue Mar 24 2020 Artem Polishchuk ego.cordatus@gmail.com - 0.17.0-1 - Update to 0.17.0 - Exclude arch ppc64le --------------------------------------------------------------------------------
================================================================================ librealsense-2.31.0-3.fc32 (FEDORA-2020-c822954c9c) Cross-platform camera capture for Intel RealSense -------------------------------------------------------------------------------- Update Information:
Fix CMake import target by making librealsense-file a shared library -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Till Hofmann thofmann@fedoraproject.org - 2.31.0-3 - Add patch to make librealsense-file a shared library (#1815567) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1815567 - CMake import targets broken https://bugzilla.redhat.com/show_bug.cgi?id=1815567 --------------------------------------------------------------------------------
================================================================================ libreoffice-6.4.1.2-4.fc32 (FEDORA-2020-d064a5338e) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information:
* fix showing license information ---- - help->licence information->license didn't display the license like it should have ---- Split math package differently so: a) it can remain listed by Gnome Software b) but can be not installed by default, without that breaking documents with embedded equations -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 23 2020 Caol��n McNamara caolanm@redhat.com - 1:6.4.1.2-4 - help->license->license doesn't do anything * Fri Mar 20 2020 Caol��n McNamara caolanm@redhat.com - 1:6.4.1.2-3 - disable tip-of-the-day dialog by default * Wed Mar 18 2020 Caol��n McNamara caolanm@redhat.com - 1:6.4.1.2-2 - rhbz#1776774 make math subpackage just a superficial package for math launcher -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1776774 - Libreoffice Math not listed by Gnome Software https://bugzilla.redhat.com/show_bug.cgi?id=1776774 --------------------------------------------------------------------------------
================================================================================ libvirt-6.1.0-2.fc32 (FEDORA-2020-e2ecf59224) Library providing a simple virtualization API -------------------------------------------------------------------------------- Update Information:
Check for disk type correctly in virDomainDiskTranslateSourcePool. This should fix Fedora 32 Final blocker bug #1816553. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Felipe Borges feborges@redhat.com - 6.1.0-2 - Check for disk type correctly in virDomainDiskTranslateSourcePool -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816553 - None https://bugzilla.redhat.com/show_bug.cgi?id=1816553 --------------------------------------------------------------------------------
================================================================================ mailman3-3.2.2-1.fc32 (FEDORA-2020-78c45b9266) The GNU mailing list manager -------------------------------------------------------------------------------- Update Information:
New release 3.2.2, rebuilt for Python 3.8 -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 19 2020 Marc Dequ��nes (Duck) duck@redhat.com - 3.2.2-1 - NUR - remove Python 3.7 support patch, applied upstream - refreshed/adapted patches - don't hardcode the path to `hardlink` - update and tighten dependencies - adapt tests after changes in mailman3-subject-prefix.patch - backport content-type fix for tests - use importlib.resources instead of importlib_resources is available - fix stale lock preventing mailman3.service from starting (see Debian#919160) - add upstream patch to fix compatibility with Python 3.7.4 and Python 3.8b4 - ported upstream patch to fix compatibility with Python 3.8 - upstream patch to fix model deletion and template init * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 3.2.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Mon Sep 30 2019 Aurelien Bompard abompard@fedoraproject.org - 3.2.0-5 - Fix hardlink * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 3.2.0-4 - Rebuilt for Python 3.8 * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 3.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1715598 - None https://bugzilla.redhat.com/show_bug.cgi?id=1715598 --------------------------------------------------------------------------------
================================================================================ mirrorlist-server-2.1.0-1.fc32 (FEDORA-2020-ebb935cb4c) Mirrorlist Server -------------------------------------------------------------------------------- Update Information:
Update to 2.1.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 23 2020 Igor Raits ignatenkobrain@fedoraproject.org - 2.1.0-1 - Update to 2.1.0 --------------------------------------------------------------------------------
================================================================================ ndctl-68-1.fc32 (FEDORA-2020-de8ceffbd3) Manage "libnvdimm" subsystem devices (Non-volatile Memory) -------------------------------------------------------------------------------- Update Information:
release-v68 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Vishal Verma vishal@stellar.sh - 68-1 - release v68 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816504 - ndctl-68 is available https://bugzilla.redhat.com/show_bug.cgi?id=1816504 --------------------------------------------------------------------------------
================================================================================ pam_wrapper-1.1.2-1.fc32 (FEDORA-2020-0e9fad7a43) A tool to test PAM applications and PAM modules -------------------------------------------------------------------------------- Update Information:
Update to version 1.1.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Andreas Schneider asn@redhat.com - 1.1.2-1 - Update to version 1.1.2 * https://gitlab.com/cwrap/pam_wrapper/-/blob/master/CHANGELOG --------------------------------------------------------------------------------
================================================================================ perl-DBD-Pg-3.10.5-1.fc32 (FEDORA-2020-6651f17f19) A PostgreSQL interface for perl -------------------------------------------------------------------------------- Update Information:
Update to the latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Jitka Plesnikova jplesnik@redhat.com - 3.10.5-1 - 3.10.5 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816303 - None https://bugzilla.redhat.com/show_bug.cgi?id=1816303 --------------------------------------------------------------------------------
================================================================================ perl-IPC-System-Simple-1.30-1.fc32 (FEDORA-2020-062a081705) Run commands simply, with detailed diagnostics -------------------------------------------------------------------------------- Update Information:
Current upstream maintenance release. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Paul Howarth paul@city-fan.org - 1.30-1 - Update to 1.30 - On MSWin32, make Win32::Process a prerequisite * Sun Mar 22 2020 Paul Howarth paul@city-fan.org - 1.29-1 - Update to 1.29 - Improved handling of shell commands on Windows, which should get us closer to resolving Win32-related issues; there should be no change of functionality on Unix-like platforms - Better workaround for bug in perl-5.8.9 (GH#129) - Add t/args.t - Modify t/win32.t - Added Travis and AppVeyor configuration files - Eliminated use of Dist::Zilla for build, using older, but more reliable and better understood (by maintainer) ExtUtils::MakeMaker-based configuration - Move author testing to xt/ directory --------------------------------------------------------------------------------
================================================================================ php-PsrLog-1.1.3-1.fc32 (FEDORA-2020-f6240b5d6f) Common interface for logging libraries -------------------------------------------------------------------------------- Update Information:
**Version 1.1.3** * Fix warnings in static analysis tools by updating the context's array typehint to mixed[] -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Remi Collet remi@remirepo.net - 1.1.3-1 - update to 1.1.3 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-5.0.2-2.fc32 (FEDORA-2020-e60ce63865) A web interface for MySQL and MariaDB -------------------------------------------------------------------------------- Update Information:
The **phpMyAdmin** team announces the release of both **4.9.5** and **5.0.2**. Both versions contain several security fixes: * PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password * PMASA-2020-3 SQL injection vulnerability relating to the search feature * PMASA-2020-4 SQL injection and XSS having to do with displaying results * Removing of the "options" field for the external transformation. There are many other bugs fixes, please see the ChangeLog file included with this release for full details. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Remi Collet remi@remirepo.net 5.0.2-2 - cleanup httpd configuration * Sat Mar 21 2020 Remi Collet remi@remirepo.net 5.0.2-1 - update to 5.0.2 (2020-03-21, security release) - use phpmyadmin/twig-i18n-extension instead of twig/extensions -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816097 - CVE-2020-10804 phpMyAdmin: SQL injection was found in retrieval of the current username which could result privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1816097 [ 2 ] Bug #1816131 - CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and displaying resuts could result in XSS https://bugzilla.redhat.com/show_bug.cgi?id=1816131 [ 3 ] Bug #1816144 - CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M https://bugzilla.redhat.com/show_bug.cgi?id=1816144 --------------------------------------------------------------------------------
================================================================================ python-ailment-8.20.1.7-1.fc32 (FEDORA-2020-b94b260d22) The angr intermediate language -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1808509 - Review Request: python-ailment - The angr intermediate language https://bugzilla.redhat.com/show_bug.cgi?id=1808509 --------------------------------------------------------------------------------
================================================================================ python-aiorestapi-0.1.1-1.fc32 (FEDORA-2020-75a73a9af6) Rapid rest resources for aiohttp -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1809266 - None https://bugzilla.redhat.com/show_bug.cgi?id=1809266 --------------------------------------------------------------------------------
================================================================================ python-archinfo-8.20.1.7-1.fc32 (FEDORA-2020-19287a0ec6) Collection of classes that contain architecture-specific information -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1808411 - Review Request: python-archinfo - Collection of classes that contain architecture-specific information https://bugzilla.redhat.com/show_bug.cgi?id=1808411 --------------------------------------------------------------------------------
================================================================================ python-docker-4.2.0-1.fc32 (FEDORA-2020-903e2965a5) A Python library for the Docker Engine API -------------------------------------------------------------------------------- Update Information:
New upstream release 4.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Tomas Tomecek ttomecek@redhat.com - 4.2.0-1 - New upstream release 4.2.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1758211 - python-docker-4.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1758211 --------------------------------------------------------------------------------
================================================================================ python-pyscf-1.7.1-1.fc32 (FEDORA-2020-8a537081bf) Python module for quantum chemistry -------------------------------------------------------------------------------- Update Information:
Update to 1.7.1, see changes at https://github.com/pyscf/pyscf/releases -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Susi Lehtola jussilehtola@fedoraproject.org - 1.7.1-1 - Update to 1.7.1. --------------------------------------------------------------------------------
================================================================================ python-pytest-subtests-0.3.0-1.fc32 (FEDORA-2020-5b979c36d0) Support for unittest subTest() and subtests fixture -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816093 - Review Request: python-pytest-subtests - Support for unittest subTest() and subtests fixture https://bugzilla.redhat.com/show_bug.cgi?id=1816093 --------------------------------------------------------------------------------
================================================================================ resolv_wrapper-1.1.6-1.fc32 (FEDORA-2020-d01077598b) A wrapper for dns name resolving or dns faking -------------------------------------------------------------------------------- Update Information:
Update to version 1.1.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Andreas Schneider asn@redhat.com - 1.1.6-8 - Update to version 1.1.6 * https://gitlab.com/cwrap/resolv_wrapper/-/blob/master/CHANGELOG --------------------------------------------------------------------------------
================================================================================ restview-2.9.2-1.fc32 (FEDORA-2020-d8a2d50f51) ReStructuredText viewer -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1809711 - Review Request: restview - ReStructuredText viewer https://bugzilla.redhat.com/show_bug.cgi?id=1809711 --------------------------------------------------------------------------------
================================================================================ rpkg-1.60-1.fc32 (FEDORA-2020-0c8ac9bc1f) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information:
New release. Detailed release notes here: https://docs.pagure.org/rpkg/releases/1.60.html -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 20 2020 Ond��ej Nosek onosek@redhat.com - 1.60-1 - More transparent check of retired package (onosek) - Run newer version of sphinx-build tool (onosek) - Lookaside cache upload is not based on an extension - #484 (onosek) - container-build: additional warning when using --release (mlangsdo) - allow compose-id with repo-url for container_build (rcerven) - Clone config customization for namespaces - 231 (onosek) - Repair Jenkins tests (onosek) - (new-)sources should fail with git tracked files - 241 (onosek) - Handle new cachito dependency replacement argument (athoscr) - module-build optional key help - 280 (onosek) - Modify watch-cancel message (sgallagh) - Create stats for module builds in 'init' state (csomh) - RPM 4.15 changed header returns from type 'bytes' to 'string'. Handle either by converting to 'string' if necessary. (mmathesi) - Don't expect module build tasks to have "rpms" (mulaieva) - Propagate module_hotfixes to getMockConfig - rhbz#1780228 (lsedlar) - Add check for wrong repo name format during clone - 353 (onosek) - Simplify methods for getting namespace giturl (onosek) - Use a single thread pool while watching module builds (csomh) - Also capture stderr in logfile (orion) - Line up descriptions for better code readability (onosek) - Isolated container-build should allow arches override (rcerven) - container-build: add --koji-parent-build argument (kdreyer) - tests: add container-build --isolated test (kdreyer) - container-build: add --isolated argument (kdreyer) - Pass skip_build option to buildContainer (rcerven) - Reuse koji_cli.lib.unique_path (cqi) --------------------------------------------------------------------------------
================================================================================ socket_wrapper-1.2.4-1.fc32 (FEDORA-2020-1af3a9299e) A library passing all socket communications through Unix sockets -------------------------------------------------------------------------------- Update Information:
Update to version 1.2.4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Andreas Schneider asn@redhat.com - 1.2.4-1 - Update to version 1.2.4 * https://gitlab.com/cwrap/socket_wrapper/-/blob/master/CHANGELOG --------------------------------------------------------------------------------
================================================================================ solaar-1.0.2-0.1.rc1.20200322git563ef0d.fc32 (FEDORA-2020-5011b62b4b) Device manager for a wide range of Logitech devices -------------------------------------------------------------------------------- Update Information:
* Look up tray icon filenames to get around a bug in libappindicator. * Make the default behavior be to show the main window at startup. * Support c537 nano receiver * Add logind signals for suspend/resume. * Remove solaar-gnome3 package * Ignore features for devices that don't follow feature specification * Add probe command to command-line interface to dump receiver registers * Don't terminate on malformed or unknown messages * Create fewer internal notifications for messages from devices * Add a button to the main window to terminate (quit) Solaar * Set up nano receivers as receivers with no unpairing and with re-pairing * Set up c534 as receiver with max 2 pairings, no unpairing, re-pairing * Better support receivers that do not unpair or when pairing replace existing pairings * Add information about receiver pairing to receiver data structure * Better support devices that only allow a limited number of total re-pairings * Add --window option to control main window visibility and tray usage * Ignore receiver if USB id is not retrieved * Fix bug with double deleting when devices are disconnected * Determine some receiver information from data structure for USB ids * Treat battery level of 0 as unknown * Fix bug on devices with no serial number * Drop support for python2, and use python3 throughout * Fix bug in remembering features discovered from device reports * Show icons in main window device list * Count offline devices when determining whether pairing is possible * Update French, Dutch, German, and Croation translations * Better icons for battery levels * Support DPI, Backlight 2, Battery Voltage features * Support M585, M590, M330, MX Master 2s and 3, new M310, new K800, craft keyboard * Documentation improvements * Clean up directory structure and remove unused files -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Dominik Mierzejewski rpm@greysector.net - 1.0.2-0.1.rc1.20200322git563ef0d - update to 1.0.2-rc1 + two recent commits - drop obsolete patches -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1710758 - solaar panel icon not displayed if receiver is unplugged https://bugzilla.redhat.com/show_bug.cgi?id=1710758 [ 2 ] Bug #1754278 - [abrt] solaar: gtk_cell_renderer_get_aligned_area(): python3.7 killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1754278 [ 3 ] Bug #1754295 - [abrt] solaar: check_feature(): settings_templates.py:381:check_feature:AttributeError: '_SETTINGS_LIST' object has no attribute 'low_res_scroll' https://bugzilla.redhat.com/show_bug.cgi?id=1754295 [ 4 ] Bug #1761158 - [abrt] solaar: read(): base.py:208:_read:logitech_receiver.base.NoReceiver: {'reason': OSError(5, 'Input/output error')} https://bugzilla.redhat.com/show_bug.cgi?id=1761158 [ 5 ] Bug #1770288 - [abrt] solaar: __call__(): settings.py:64:__call__:AssertionError https://bugzilla.redhat.com/show_bug.cgi?id=1770288 [ 6 ] Bug #1777460 - [abrt] solaar: update(): window.py:792:update:AssertionError https://bugzilla.redhat.com/show_bug.cgi?id=1777460 [ 7 ] Bug #1786196 - Critical battery icon on 50% https://bugzilla.redhat.com/show_bug.cgi?id=1786196 [ 8 ] Bug #1791334 - [abrt] solaar: update(): window.py:792:update:AssertionError https://bugzilla.redhat.com/show_bug.cgi?id=1791334 [ 9 ] Bug #1795944 - [abrt] solaar: check_feature(): settings_templates.py:381:check_feature:AttributeError: '_SETTINGS_LIST' object has no attribute 'low_res_scroll' https://bugzilla.redhat.com/show_bug.cgi?id=1795944 [ 10 ] Bug #1814073 - solaar-1.0.2-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1814073 --------------------------------------------------------------------------------
================================================================================ urh-2.8.5-1.fc32 (FEDORA-2020-39a76a7889) Universal Radio Hacker: investigate wireless protocols like a boss -------------------------------------------------------------------------------- Update Information:
This is new urh version. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Jaroslav ��karvada jskarvad@redhat.com - 2.8.5-1 - New version Resolves: rhbz#1816690 Resolves: rhbz#1815664 * Sat Mar 21 2020 David Sastre david.sastre@redhat.com - 2.8.4-2 - Add AirSpy R2 native support -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1815664 - None https://bugzilla.redhat.com/show_bug.cgi?id=1815664 [ 2 ] Bug #1816690 - None https://bugzilla.redhat.com/show_bug.cgi?id=1816690 --------------------------------------------------------------------------------
================================================================================ util-linux-2.35.1-7.fc32 (FEDORA-2020-14d9238469) A collection of basic system utilities -------------------------------------------------------------------------------- Update Information:
Fix fstrim.timer to correctly get enabled on F32 upgrades. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Kalev Lember klember@redhat.com - 2.35.1-7 - Another attempt at enabling fstrim.timer on F32 upgrades (#1811506) * Thu Mar 19 2020 Karel Zak kzak@redhat.com - 2.35.1-6 - fix #1811506 (triggerpostun) * Tue Feb 25 2020 Karel Zak kzak@redhat.com - 2.35.1-5 - fix lsblk -P output for RAIDs, etc. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1811506 - fstrim.timer is not enabled on upgrades https://bugzilla.redhat.com/show_bug.cgi?id=1811506 --------------------------------------------------------------------------------
================================================================================ vala-0.48.2-1.fc32 (FEDORA-2020-3d92fa2e10) A modern programming language for GNOME -------------------------------------------------------------------------------- Update Information:
Vala 0.48.2 =========== * Various improvements and bug fixes: - vapigen: Define "GOBJECT" corresponding to set profile of CodeContext [#933] - codegen: + Reset outdated array _size_ variable after use as ref parameter [#929] + Emit postconditions before free'ing local variables + Correctly access captured parameter in precondition of method [#144] + Use correctly typed array-length variable for property-getter + Use correctly typed array-length variable for delegate invocation + Inherit "array_length_type" from (base-) parameter/property/method [#938] + Improve handling of "array_length_type" attribute [#938] + Use memset to init inline-allocated array with non- constant size [#910] + Initialize temp-var for property array length before calling getter + Include "glib.h" for g_return_*() usage [#940] - vala: + Use error() instead of Report.error() inside of CodeContext.get() + Accept enum-values as length for inline allocated arrays [#935] + Improve copy of required attributes from delegate to lamdba method + Inherit lambda parameter attributes from delegate + Inline-allocated array aren't instantiated with creation expression [#926] - valadoc: Create and register current Vala.CodeContext properly - parser: Improve error message for invalid ArrayCreationExpression [#939] - tests: Drop usage of "--main main" and avoid ambigious entry-points - manual: Update from wiki.gnome.org * Bindings: - Add cairo-gobject binding - cairo: Add missing type_id attributes guarded by GOBJECT define - glib-2.0: Add binding for g_poll() [#924] - glib-2.0: Add binding for g_win32_ftruncate() - glib-2.0: Add missing IOChannel's win32 API - gio-2.0: Add binding for g_io_error_from_win32_error() - gstreamer: Update from 1.17.0+ git master - gtk4: Update to 3.98.1 - posix: Add pathconf and fpathconf bindings - vapi: Update GIR-based bindings -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Kalev Lember klember@redhat.com - 0.48.2-1 - Update to 0.48.2 --------------------------------------------------------------------------------
================================================================================ variety-0.8.4-0.1.git8b8bb63.fc32 (FEDORA-2020-58da0b7f84) Wallpaper changer that automatically downloads wallpapers -------------------------------------------------------------------------------- Update Information:
- Update to 0.8.4-0.1.git8b8bb63 fix (BZ #1794896) -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Martin Gansser martinkg@fedoraproject.org - 0.8.4-0.1.git8b8bb63 - Update to 0.8.4-0.1.git8b8bb63 fix (BZ #1794896) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1809779 - Issue with Variety version 8 https://bugzilla.redhat.com/show_bug.cgi?id=1809779 [ 2 ] Bug #1815679 - Variety Crashes https://bugzilla.redhat.com/show_bug.cgi?id=1815679 --------------------------------------------------------------------------------
================================================================================ wine-dxvk-1.6-1.fc32 (FEDORA-2020-907e0132fd) Vulkan-based D3D11 and D3D10 implementation for Linux / Wine -------------------------------------------------------------------------------- Update Information:
Release 1.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Frantisek Zatloukal fzatlouk@redhat.com - 1.6-1 - Release 1.6 --------------------------------------------------------------------------------
================================================================================ wxMaxima-20.03.1-1.fc32 (FEDORA-2020-d8ca214b37) Graphical user interface for Maxima -------------------------------------------------------------------------------- Update Information:
Update to the latest stable release. The main changes since the the last release shipped in Fedora are detailed below. New features: * support for pre- and post- super- and subscripts. Bugfixes: * many improvements to the manpage and the html documentation; * wxWidget's integrated help browser on some platforms was broken => now the default web browser is used; * support for importing static and some types of animated gif files; * animation frames created using `draw()` now can be popped out interactively; * added a option to configure the max amount of `gnuplot` data to save for this feature; * resolved a crash on right-clicking a GroupCell; * Help works again in the German translation; * removed an unnecessary info dialogue on startup; * right-click-suggestions for similar command names. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Jos�� Matos jamatos@fedoraproject.org - 20.03.1-1 - update to 20.03.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1807366 - [abrt] wxMaxima: wxTrap()(): wxmaxima killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1807366 --------------------------------------------------------------------------------
================================================================================ xscreensaver-5.44-1.fc32 (FEDORA-2020-d28c927bcf) X screen saver and locker -------------------------------------------------------------------------------- Update Information:
New version 5.44 is released. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Mamoru TASAKA mtasaka@fedoraproject.org - 1:5.44-1 - Update to 5.44 - free_gibson: fix order of freeing memory --------------------------------------------------------------------------------
================================================================================ yamllint-1.21.0-1.fc32 (FEDORA-2020-7d0d8bc8a2) A linter for YAML files -------------------------------------------------------------------------------- Update Information:
Update to latest upstream version -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 24 2020 Adrien Verg�� adrienverge@gmail.com - 1.21.0-1 - Update to latest upstream version --------------------------------------------------------------------------------