The following Fedora 33 Security updates need testing:

 Age  URL
 105  https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c   shim-15.4-1
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2021-30c84b4924   chromium-91.0.4472.164-1.fc33
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ead17c8f6   linux-firmware-20210716-121.fc33
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bfb61f77c   golang-1.15.14-1.fc33
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d21b90a30   curl-7.71.1-10.fc33
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-c9c1f6e5c7   php-pear-1.10.12-9.fc33
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2021-76cf1653b3   redis-6.0.15-1.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-3de956ceee   webkit2gtk3-2.32.3-1.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-e6b0792d75   java-11-openjdk-11.0.12.0.7-0.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-71556a5722   mrxvt-0.5.3-31.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-112557d2c5   buildah-1.21.4-4.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-424a36ea0f   seamonkey-2.53.8.1-1.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-ade03666c0   java-1.8.0-openjdk-1.8.0.302.b08-0.fc33

The following Fedora 33 Critical Path updates have yet to be approved:

 Age  URL
 123  https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb   PackageKit-1.2.3-1.fc33
  58  https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3   abrt-2.14.6-1.fc33 libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2021-abcaa79b71   libmodulemd-2.13.0-1.fc33
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2021-1fe1b325f5   gjs-1.66.2-7.fc33 mozjs78-78.12.0-1.fc33
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2021-bcea139c5d   audit-3.0.3-1.fc33
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2021-5e6e793ad5   libedit-3.1-38.20210714cvs.fc33
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ead17c8f6   linux-firmware-20210716-121.fc33
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2021-13f06367c7   net-snmp-5.9.1-3.fc33
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2021-3bdb6861cb   mtools-4.0.33-1.fc33
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2021-49d6a73d5b   libidn2-2.3.2-1.fc33
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d21b90a30   curl-7.71.1-10.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-3de956ceee   webkit2gtk3-2.32.3-1.fc33
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2021-3066a71721   firefox-90.0.2-1.fc33

The following builds have been pushed to Fedora 33 updates-testing

    cppcheck-2.5-2.fc33
    gnome-shell-extension-pop-shell-1.2.0^2.9616931-1.fc33
    gtk-gnutella-1.2.1-1.fc33
    ipxe-20200823-7.git4bd064de.fc33
    java-latest-openjdk-16.0.2.0.7-1.rolling.fc33
    logwatch-7.5.6-1.fc33
    mbedtls-2.16.11-1.fc33
    mingw-exiv2-0.27.4-2.fc33
    mingw-python-pillow-7.2.0-7.fc33
    mozilla-ublock-origin-1.37.0-1.fc33
    mythes-de-0.20210723-1.fc33
    python-pillow-7.2.0-7.fc33
    python2-pillow-6.2.2-6.fc33

Details about builds:

================================================================================
 cppcheck-2.5-2.fc33 (FEDORA-2021-7f85b14f8f)
 Tool for static C/C++ code analysis
--------------------------------------------------------------------------------
Update Information:

Fix Failed to load translation for English (#1983599)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 23 2021 Wolfgang Stöggl c72578@yahoo.de - 2.5-2
- Fix Failed to load translation for English (#1983599)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1983599 - cppcheck-gui: error dialog during installation: Failed to load translation for language English
        https://bugzilla.redhat.com/show_bug.cgi?id=1983599
--------------------------------------------------------------------------------

================================================================================
 gnome-shell-extension-pop-shell-1.2.0^2.9616931-1.fc33 (FEDORA-2021-83af69457d)
 GNOME Shell extension for advanced tiling window management
--------------------------------------------------------------------------------
Update Information:

Latest upstream snapshot
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Carl George carl@george.computer - 1.2.0^2.9616931-1
- Latest upstream snapshot
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 1.2.0^1.d59e373-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 gtk-gnutella-1.2.1-1.fc33 (FEDORA-2021-961295d73a)
 GUI based Gnutella Client
--------------------------------------------------------------------------------
Update Information:

Update to 1.2.1
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 25 2021 Dmitry Butskoy Dmitry@Butskoy.name - 1.2.1-1
- update to 1.2.1
--------------------------------------------------------------------------------

================================================================================
 ipxe-20200823-7.git4bd064de.fc33 (FEDORA-2021-695cfbf2ab)
 A network boot loader
--------------------------------------------------------------------------------
Update Information:

* Add snponly build (bz #1981799)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Cole Robinson crobinso@redhat.com - 20200823-7.git4bd064de
- Add snponly build (bz 1981799)
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 20200823-6.git4bd064de
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jul  7 2021 Cole Robinson crobinso@redhat.com - 20200823-5.git4bd064de
- Generate qemu compatible rom filenames
* Mon Jun 14 2021 Jiri Kucera jkucera@redhat.com - 20200823-4.git4bd064de
- Replace genisoimage by xorriso
* Tue Feb 23 2021 Cole Robinson aintdiscole@gmail.com - 20200823-3.git4bd064de
- combine BIOS and EFI roms using "util/catrom.pl"
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 20200823-2.git4bd064de
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1981799 - Please build and ship the ipxe-snponly binary
        https://bugzilla.redhat.com/show_bug.cgi?id=1981799
--------------------------------------------------------------------------------

================================================================================
 java-latest-openjdk-16.0.2.0.7-1.rolling.fc33 (FEDORA-2021-6707cd4327)
 OpenJDK 16 Runtime Environment
--------------------------------------------------------------------------------
Update Information:

July 2021 CPU update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 23 2021 Jiri Vanek jvanek@redhat.com - 1:16.0.2.0.7-1.rolling
- bumped to security update of 16.0.2-ga
* Tue Jun 29 2021 Jiri Vanek jvanek@redhat.com - 1:16.0.1.0.9-5.rolling
- renamed source15 to source17 to match el8
- added fips support:
- added pr3695-toggle_system_crypto_policy.patch ; missing prerequisite
- removed rh1655466-global_crypto_and_fips.patch; jdk16 does not have default algorithm, it throws exception
- adapted rh1655466-global_crypto_and_fips.patch
- adapted rh1860986-disable_tlsv1.3_in_fips_mode.patch (?)
- adapted rh1915071-always_initialise_configurator_access.patch
--------------------------------------------------------------------------------

================================================================================
 logwatch-7.5.6-1.fc33 (FEDORA-2021-729f015824)
 Analyzes and Reports on system logs
--------------------------------------------------------------------------------
Update Information:

Update to 7.5.6
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Frank Crawford frank@crawford.emu.id.au - 7.5.6-1
- Update to 7.5.6
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 7.5.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 mbedtls-2.16.11-1.fc33 (FEDORA-2021-10bfc067d1)
 Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:

- Update to 2.16.11
Release notes: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Morten Stevens mstevens@fedoraproject.org - 2.16.11-1
- Update to 2.16.11
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 2.16.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2.16.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1943664 - mbedtls: multiple vulnerabilities fixed in mbedtls-2.26.0
        https://bugzilla.redhat.com/show_bug.cgi?id=1943664
  [ 2 ] Bug #1981510 - mbedtls: Local side channel attack on RSA
        https://bugzilla.redhat.com/show_bug.cgi?id=1981510
  [ 3 ] Bug #1981514 - mbedtls: Local side channel attack on static Diffie-Hellman with Montgomery curves
        https://bugzilla.redhat.com/show_bug.cgi?id=1981514
  [ 4 ] Bug #1985311 - CVE-2021-24119 mbedtls: side-channel vulnerability allows system-level-attacker information disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=1985311
--------------------------------------------------------------------------------

================================================================================
 mingw-exiv2-0.27.4-2.fc33 (FEDORA-2021-dde4d7d47e)
 MinGW Windows exiv2 library
--------------------------------------------------------------------------------
Update Information:

Update to 0.27.4, fixes CVE-2021-29463 and CVE-2021-29464.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 0.27.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sun Jun 20 2021 Sandro Mani manisandro@gmail.com - 0.27.4-1
- Update to 0.27.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1982185 - CVE-2021-29463 mingw-exiv2: exiv2: out-of-bounds read is triggered via crafted image file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982185
  [ 2 ] Bug #1982189 - CVE-2021-29464 mingw-exiv2: exiv2: heap-based buffer overflow via crafted image file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982189
--------------------------------------------------------------------------------

================================================================================
 mingw-python-pillow-7.2.0-7.fc33 (FEDORA-2021-bf01a738f3)
 MinGW Windows Python pillow library
--------------------------------------------------------------------------------
Update Information:

Backport fix for CVE-2021-34552.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Sandro Mani manisandro@gmail.com - 7.2.0-7
- Backport fix for CVE-2021-34552
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1982379 - CVE-2021-34552 mingw-python-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982379
  [ 2 ] Bug #1982380 - CVE-2021-34552 python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982380
  [ 3 ] Bug #1982381 - CVE-2021-34552 python2-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982381
--------------------------------------------------------------------------------

================================================================================
 mozilla-ublock-origin-1.37.0-1.fc33 (FEDORA-2021-05ed34a61c)
 An efficient blocker for Firefox
--------------------------------------------------------------------------------
Update Information:

### Closed as fixed

#### Core

* '$popup' not working
* Service worker "tabless" requests with correct context are still modified when page is whitelisted
* Back/Forward navigation does not work between Ublock Origin option pages
* csp_report filter created via logger is marked as invalid
* Extreme popup blocking - uBo dashboard is blocked when popups are
* IPv6 fe80::1%lo0 localhost from hosts file is marked as error line
* Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly
* uBO's dashboard does not refresh custom filters in real-time
* Element picker/zapper don't work if cosmetic filtering is disabled
* Logger always highlights first match
* Static filtering: Cannot prevent my filter from strict-blocking

### Notable commits without an entry in the issue tracker

* Provide visual cue in popup panel when base domain has subdomains
* Disclose where uBO's own filter lists are hosted
* Add abort-current-script scriptlet
* Fix spurious error messages when updating contextual menu
* Make `getByName()` return a dummy Tracker object
* Add asap behavior to remove-attr scriptlet
* Ensure pending callbacks are called only once
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Dominik Mierzejewski rpm@greysector.net - 1.37.0-1
- update to 1.37.0 (#1985343)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1985343 - mozilla-ublock-origin-1.37.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1985343
--------------------------------------------------------------------------------

================================================================================
 mythes-de-0.20210723-1.fc33 (FEDORA-2021-68920da213)
 German thesaurus
--------------------------------------------------------------------------------
Update Information:

* Upgrade to latest daily snapshot release
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Robert Scheck robert@fedoraproject.org 0.20210723-1
- Upgrade to latest daily snapshot release
* Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 0.20210302-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 python-pillow-7.2.0-7.fc33 (FEDORA-2021-bf01a738f3)
 Python image processing library
--------------------------------------------------------------------------------
Update Information:

Backport fix for CVE-2021-34552.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Sandro Mani manisandro@gmail.com - 7.2.0-7
- Backport fix for CVE-2021-34552
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1982379 - CVE-2021-34552 mingw-python-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982379
  [ 2 ] Bug #1982380 - CVE-2021-34552 python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982380
  [ 3 ] Bug #1982381 - CVE-2021-34552 python2-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982381
--------------------------------------------------------------------------------

================================================================================
 python2-pillow-6.2.2-6.fc33 (FEDORA-2021-bf01a738f3)
 Python image processing library
--------------------------------------------------------------------------------
Update Information:

Backport fix for CVE-2021-34552.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 24 2021 Sandro Mani manisandro@gmail.com - 6.2.2-6
- Backport fix for CVE-2021-34552
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1982379 - CVE-2021-34552 mingw-python-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982379
  [ 2 ] Bug #1982380 - CVE-2021-34552 python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982380
  [ 3 ] Bug #1982381 - CVE-2021-34552 python2-pillow: python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1982381
--------------------------------------------------------------------------------