The following Fedora 32 Security updates need testing: Age URL 80 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4c8458e373 containernetworking-plugins-0.9.1-1.fc32 76 https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d1596c42 buildah-1.19.4-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-444e38face jetty-9.4.40-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-d6b9d8497b openvpn-2.4.11-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-168fbed46f ceph-14.2.20-1.fc32 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-1556d440ba nginx-1.20.0-2.fc32 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f71b592e07 java-1.8.0-openjdk-1.8.0.292.b10-0.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-83dbc3f7da p7zip-16.02-20.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b88e86b753 java-11-openjdk-11.0.11.0.9-0.fc32 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c1116fb75e ansible-2.9.20-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-6d5578e756 libmicrohttpd-0.9.73-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-eb5d6cf9f6 pngcheck-2.4.0-8.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e3d8833d36 perl-Image-ExifTool-12.16-3.fc32
The following Fedora 32 Critical Path updates have yet to be approved: Age URL 138 https://bodhi.fedoraproject.org/updates/FEDORA-2020-345d2fd2aa iproute-5.9.0-1.fc32 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-360ad970fd koji-1.24.1-1.fc32 12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5a4e02312f xdg-desktop-portal-1.8.1-2.fc32 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3f0ce2dede mtools-4.0.27-1.fc32 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b5ce87e535 libical-3.0.10-1.fc32 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2e33c3908d evolution-data-server-3.36.5-2.fc32 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4cc9c81077 gnome-online-accounts-3.36.1-1.fc32 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-426ec216b2 annobin-9.27-3.fc32 gcc-10.3.1-1.fc32 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ec36847440 osinfo-db-20210426-1.fc32
The following builds have been pushed to Fedora 32 updates-testing
apostrophe-2.4-3.fc32 et-6.1.7-1.fc32 firefox-88.0-5.fc32 gnome-shell-extension-appindicator-34-2.fc32 java-latest-openjdk-16.0.1.0.9-1.rolling.fc32 jc-1.15.3-1.fc32 mock-2.10-1.fc32 mock-core-configs-34.3-1.fc32 netdata-1.30.1-2.fc32 perl-Graphics-TIFF-11-1.fc32 php-7.4.18-1.fc32 prunerepo-1.20-1.fc32 python-google-auth-1.30.0-1.fc32 python-ogr-0.24.1-1.fc32 python-pygments-2.4.2-9.fc32 python-rasterio-1.2.3-1.fc32 python-zarr-2.8.1-1.fc32 youtube-dl-2021.04.26-1.fc32
Details about builds:
================================================================================ apostrophe-2.4-3.fc32 (FEDORA-2021-935cee4b4e) Distraction free Markdown editor for GNU/Linux made with GTK+ -------------------------------------------------------------------------------- Update Information:
Bugfix ---- Bugfix -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Artem Polishchuk ego.cordatus@gmail.com - 2.4-3 - fix: Typo * Mon Apr 26 2021 Artem Polishchuk ego.cordatus@gmail.com - 2.4-2 - fix: RH#1953395 * Wed Mar 10 2021 Artem Polishchuk ego.cordatus@gmail.com - 2.4-1 - build(update): 2.4 * Wed Mar 3 2021 Artem Polishchuk ego.cordatus@gmail.com - 2.3-1 - build(update): 2.3 * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 2.2.0.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Jul 27 2020 Fedora Release Engineering releng@fedoraproject.org - 2.2.0.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue May 26 2020 Miro Hron��ok mhroncok@redhat.com - 2.2.0.3-3 - Rebuilt for Python 3.9 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1953395 - Apostrophe can't export to HTML. https://bugzilla.redhat.com/show_bug.cgi?id=1953395 --------------------------------------------------------------------------------
================================================================================ et-6.1.7-1.fc32 (FEDORA-2021-7d6e4fb280) Remote shell that survives IP roaming and disconnect -------------------------------------------------------------------------------- Update Information:
## v6.1.7 - Fix race condition in connection test - Reduce debug object size - Move deployment scripts to deployment branch - Do not install files from PlatformFolders project ## v6.1.6 - Fix crash on exit - Fix ARM build ## v6.1.5 - Fixes for various OSes - Update sentry version -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 26 2021 Michel Alexandre Salim salimma@fedoraproject.org - 6.1.7-1 - Update to 6.1.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1942264 - et-6.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1942264 --------------------------------------------------------------------------------
================================================================================ firefox-88.0-5.fc32 (FEDORA-2021-a93ccd6502) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information:
Fixed pointer locking issues under Wayland which affects WebGL applications/games (see https://bugzilla.mozilla.org/show_bug.cgi?id=1580595#c23) -------------------------------------------------------------------------------- ChangeLog:
* Fri Apr 23 2021 Martin Stransky stransky@redhat.com - 88.0-5 - Added fix for mozbz#1580595 - mouse pointer lock. - Another test update. --------------------------------------------------------------------------------
================================================================================ gnome-shell-extension-appindicator-34-2.fc32 (FEDORA-2021-02acdf1f39) AppIndicator/KStatusNotifierItem support for GNOME Shell -------------------------------------------------------------------------------- Update Information:
build(add dep): libappindicator-gtk3 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Artem Polishchuk ego.cordatus@gmail.com - 34-2 - build(add dep): libappindicator-gtk3 --------------------------------------------------------------------------------
================================================================================ java-latest-openjdk-16.0.1.0.9-1.rolling.fc32 (FEDORA-2021-3bf9ba59ef) OpenJDK 16 Runtime Environment -------------------------------------------------------------------------------- Update Information:
April 2021 CPU update -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 25 2021 Petra Alice Mikova pmikova@redhat.com - 1:16.0.1.0.9-1.rolling - update to 16.0.1+9 april cpu tag - dropped jdk8259949-allow_cf-protection_on_x86.patch * Thu Mar 11 2021 Andrew Hughes gnu.andrew@redhat.com - 1:16.0.0.0.36-2.rolling - Perform static library build on a separate source tree with bundled image libraries - Make static library build optional - Based on initial work by Severin Gehwolf --------------------------------------------------------------------------------
================================================================================ jc-1.15.3-1.fc32 (FEDORA-2021-4db04b20cb) Serialize the output of CLI tools and file-types to structured JSON -------------------------------------------------------------------------------- Update Information:
Update to v1.15.3 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Artur Frenszek-Iwicki fedora@svgames.pl - 1.15.3-1 - Update to v1.15.3 --------------------------------------------------------------------------------
================================================================================ mock-2.10-1.fc32 (FEDORA-2021-7a8958c321) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information:
mock - do not allocate tty for podman (msuchy@redhat.com) - work-around bug setting propagation for recursive bind-mounts (david.ward@ll.mit.edu) - fix handling of essential mountpoints (david.ward@ll.mit.edu) - pre-create the dest directory in _copy_config mock-core-configs - Add Oracle Linux 8 (ngompa13@gmail.com) - Add Oracle Linux 7 (ngompa13@gmail.com) - Add openSUSE Leap 15.3 (ngompa13@gmail.com) - openSUSE Leap 15.1 is EOL (ngompa13@gmail.com) - Add openSUSE Tumbleweed s390x config (ngompa13@gmail.com) - Add AlmaLinux 8 configs (ngompa13@gmail.com) - Remove make from default ELN buildroot (miro@hroncok.cz) -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Pavel Raiskup praiskup@redhat.com 2.10-1 - do not allocate tty for podman (msuchy@redhat.com) - work-around bug setting propagation for recursive bind-mounts (david.ward@ll.mit.edu) - fix handling of essential mountpoints (david.ward@ll.mit.edu) - pre-create the dest directory in _copy_config --------------------------------------------------------------------------------
================================================================================ mock-core-configs-34.3-1.fc32 (FEDORA-2021-7a8958c321) Mock core config files basic chroots -------------------------------------------------------------------------------- Update Information:
mock - do not allocate tty for podman (msuchy@redhat.com) - work-around bug setting propagation for recursive bind-mounts (david.ward@ll.mit.edu) - fix handling of essential mountpoints (david.ward@ll.mit.edu) - pre-create the dest directory in _copy_config mock-core-configs - Add Oracle Linux 8 (ngompa13@gmail.com) - Add Oracle Linux 7 (ngompa13@gmail.com) - Add openSUSE Leap 15.3 (ngompa13@gmail.com) - openSUSE Leap 15.1 is EOL (ngompa13@gmail.com) - Add openSUSE Tumbleweed s390x config (ngompa13@gmail.com) - Add AlmaLinux 8 configs (ngompa13@gmail.com) - Remove make from default ELN buildroot (miro@hroncok.cz) -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Pavel Raiskup praiskup@redhat.com 34.3-1 - Add Oracle Linux 8 (ngompa13@gmail.com) - Add Oracle Linux 7 (ngompa13@gmail.com) - Add openSUSE Leap 15.3 (ngompa13@gmail.com) - openSUSE Leap 15.1 is EOL (ngompa13@gmail.com) - Add openSUSE Tumbleweed s390x config (ngompa13@gmail.com) - Add AlmaLinux 8 configs (ngompa13@gmail.com) - Remove make from default ELN buildroot (miro@hroncok.cz) --------------------------------------------------------------------------------
================================================================================ netdata-1.30.1-2.fc32 (FEDORA-2021-5e8ab27351) Real-time performance monitoring -------------------------------------------------------------------------------- Update Information:
Fix pre script -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Didier Fabert didier.fabert@gmail.com 1.30.1-2 - Fix pre script, must be run before installing netdata-data package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1918443 - Web UI says, "Access to file is not permitted: /usr/share/netdata/web/index.html" https://bugzilla.redhat.com/show_bug.cgi?id=1918443 --------------------------------------------------------------------------------
================================================================================ perl-Graphics-TIFF-11-1.fc32 (FEDORA-2021-08dbe510a4) Perl extension for the LibTIFF library -------------------------------------------------------------------------------- Update Information:
This release addapts to changes in libtiff 4.3.0. We deliver it mainly to provide an up-to-date version string. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Petr Pisar ppisar@redhat.com - 11-1 - 11 version bump * Tue Apr 27 2021 Petr Pisar ppisar@redhat.com - 10-2 - Adjust tests to libtiff-4.3.0 (CPAN RT#135330) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1953981 - perl-Graphics-TIFF-11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953981 --------------------------------------------------------------------------------
================================================================================ php-7.4.18-1.fc32 (FEDORA-2021-af8c886639) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 7.4.18** (29 Apr 2021) **Core:** * Fixed bug php#80781 (Error handler that throws ErrorException infinite loop). (Nikita) * Fixed bug php#75776 (Flushing streams with compression filter is broken). (cmb) **Dba:** * Fixed bug php#80817 (dba_popen() may cause segfault during RSHUTDOWN). (cmb) **DOM:** * Fixed bug php#66783 (UAF when appending DOMDocument to element). (cmb) **FPM:** * Fixed bug php#80024 (Duplication of info about inherited socket after pool removing). (Jakub Zelenka) **FTP:** * Fixed bug php#80880 (SSL_read on shutdown, ftp/proc_open). (cmb, Jakub Zelenka) **Imap:** * Fixed bug php#80710 (imap_mail_compose() header injection). (cmb, Stas) **Intl:** * Fixed bug php#80763 (msgfmt_format() does not accept DateTime references). (cmb) **LibXML:** * Fixed bug php#51903 (simplexml_load_file() doesn't use HTTP headers). (cmb) * Fixed bug php#73533 (Invalid memory access in php_libxml_xmlCheckUTF8). (cmb) **MySQLnd:** * Fixed bug php#80713 (SegFault when disabling ATTR_EMULATE_PREPARES and MySQL 8.0). (Nikita) * Fixed bug php#80837 (Calling stmt_store_result after fetch doesn't throw an error). (Kamil Tekiela) **Opcache:** * Fixed bug php#80805 (create simple class and get error in opcache.so). (Nikita) * Fixed bug php#80950 (Variables become null in if statements). (Nikita) **Pcntl:** * Fixed bug php#79812 (Potential integer overflow in pcntl_exec()). (cmb) **PCRE:** * Fixed bug php#80866 (preg_split ignores limit flag when pattern with \K has 0-width fullstring match). (Kamil Tekiela) **PDO_ODBC:** * Fixed bug php#80783 (PDO ODBC truncates BLOB records at every 256th byte). (cmb) **PDO_pgsql:** * Fixed bug php#80892 (PDO::PARAM_INT is treated the same as PDO::PARAM_STR). (Matteo) **phpdbg:** * Fixed bug php#80757 (Exit code is 0 when could not open file). (Felipe) **Session:** * Fixed bug php#80774 (session_name() problem with backslash). (cmb) * Fixed bug php#80889 (Cannot set save handler when save_handler is invalid). (cmb) **SOAP:** * Fixed bug php#69668 (SOAP special XML characters in namespace URIs not encoded). (cmb) **Standard:** * Fixed bug php#78719 (http wrapper silently ignores long Location headers). (cmb) * Fixed bug php#80771 (phpinfo(INFO_CREDITS) displays nothing in CLI). (cmb) * Fixed bug php#80838 (HTTP wrapper waits for HTTP 1 response after HTTP 101). (manuelm) * Fixed bug php#80915 (Taking a reference to $_SERVER hides its values from phpinfo()). (Rowan Tommins) -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Remi Collet remi@remirepo.net - 7.4.18-1 - Update to 7.4.18 - http://www.php.net/releases/7_4_18.php --------------------------------------------------------------------------------
================================================================================ prunerepo-1.20-1.fc32 (FEDORA-2021-4819831a87) Remove old packages from rpm-md repository -------------------------------------------------------------------------------- Update Information:
Move the stderr output to log, don't sys.exit() from library function. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Pavel Raiskup praiskup@redhat.com 1.20-1 - Move the stderr output to log - Don't sys.exit() from library function --------------------------------------------------------------------------------
================================================================================ python-google-auth-1.30.0-1.fc32 (FEDORA-2021-0bb99e1550) Google Auth Python Library -------------------------------------------------------------------------------- Update Information:
Update to 1.30.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Fedora Release Monitoring release-monitoring@fedoraproject.org - 1:1.30.0-1 - Update to 1.30.0 (#1953843) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1953843 - python-google-auth-1.30.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953843 --------------------------------------------------------------------------------
================================================================================ python-ogr-0.24.1-1.fc32 (FEDORA-2021-1073fa7276) One API for multiple git forges -------------------------------------------------------------------------------- Update Information:
Fixed problems with imports from 'gitlab' modules. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Matej Mu��ila mmuzila@redhat.com - 0.24.1-1 - Fixed problems with imports from 'gitlab' modules. * Mon Apr 26 2021 Matej Mu��ila mmuzila@redhat.com - 0.24.0-1 - Exceptions for non-supported features were refactored. - Behaviour of `Github.get_file_content()` was unified with `GitLab` and `Pagure`. --------------------------------------------------------------------------------
================================================================================ python-pygments-2.4.2-9.fc32 (FEDORA-2021-166dfc62b2) Syntax highlighting engine written in Python -------------------------------------------------------------------------------- Update Information:
Fix CVE-2021-27291: ReDos via crafted malicious input -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 22 2021 Lum��r Balhar lbalhar@redhat.com - 2.4.2-9 - Fix CVE-2021-27291: ReDos via crafted malicious input - Resolves: rhbz#1940604 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1940604 - CVE-2021-27291 python-pygments: ReDos via crafted malicious input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1940604 --------------------------------------------------------------------------------
================================================================================ python-rasterio-1.2.3-1.fc32 (FEDORA-2021-fa0ffab498) Fast and direct raster I/O for use with Numpy and SciPy -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.2.3-1 - Update to latest version (#1953804) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1953804 - python-rasterio-1.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953804 --------------------------------------------------------------------------------
================================================================================ python-zarr-2.8.1-1.fc32 (FEDORA-2021-b1dcdc1303) Chunked, compressed, N-dimensional arrays for Python -------------------------------------------------------------------------------- Update Information:
Update to latest version ---- Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 Elliott Sales de Andrade quantum.analyst@gmail.com - 2.8.1-1 - Update to latest version * Sun Apr 25 2021 Elliott Sales de Andrade quantum.analyst@gmail.com - 2.8.0-1 - Update to latest version (#1953163) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1953163 - python-zarr-2.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953163 [ 2 ] Bug #1953874 - python-zarr-2.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1953874 --------------------------------------------------------------------------------
================================================================================ youtube-dl-2021.04.26-1.fc32 (FEDORA-2021-e35490b2e9) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information:
Update to version 2021.04.17 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 27 2021 David Schw��rer davidsch@fedoraproject.org - 2021.04.26-1 - Update to 2021.04.26 * Tue Apr 20 2021 David Schw��rer davidsch@fedoraproject.org - 2021.04.17-2 - Recommand AtomicParsley -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1950580 - youtube-dl-2021.04.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1950580 --------------------------------------------------------------------------------