The following Fedora 35 Security updates need testing: Age URL 76 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9 libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35 68 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-932d07be95 podman-tui-0.2.1-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e8b1324ec8 plantuml-1.2022.2-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c07546070d moby-engine-20.10.14-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cff7016d31 zchunk-1.2.2-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-db16b42897 gh-2.8.0-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3759ebabd2 git-2.35.3-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3a63897745 bettercap-2.28-9.fc35 chisel-1.7.7-2.fc35 commit-stream-0.1.2-6.fc35 containerd-1.6.2-2.fc35 doctl-1.73.0-2.fc35 gh-2.7.0-2.fc35 gobuster-3.1.0-2.fc35 golang-contrib-opencensus-resource-0.1.2-6.fc35 golang-gioui-0-7.20201225git18d4dbf.fc35 golang-github-appc-docker2aci-0.17.2-8.fc35 golang-github-appc-goaci-0.1.1-10.fc35 golang-github-appc-spec-0.8.11-13.fc35 golang-github-containerd-continuity-0.2.2-2.fc35 golang-github-containerd-stargz-snapshotter-0.7.0-4.fc35 golang-github-coredns-corefile-migration-1.0.11-5.fc35 golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc35 golang-github-francoispqt-gojay-1.2.13-6.fc35 golang-github-gogo-googleapis-1.4.1-3.fc35 golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35 golang-github-google-slothfs-0-0.10.20200727git59c1163.fc35 golang-github-googleapis-gnostic-0.5.3-5.fc35 golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc35 golang-github-grpc-e cosystem-gateway-2-2.7.3-3.fc35 golang-github-haproxytech-client-native-2.5.3-2.fc35 golang-github-haproxytech-dataplaneapi-2.4.4-3.fc35 golang-github-instrumenta-kubeval-0.15.0-7.fc35 golang-github-intel-goresctrl-0.2.0-4.fc35 golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc35 golang-github-pact-foundation-1.5.1-5.fc35 golang-github-prometheus-2.32.1-4.fc35 golang-github-prometheus-alertmanager-0.23.0-8.fc35 golang-github-prometheus-node-exporter-1.3.1-7.fc35 golang-github-redteampentesting-monsoon-0.6.0-5.fc35 golang-github-spf13-cobra-1.4.0-2.fc35 golang-github-theupdateframework-notary-0.7.0-4.fc35 golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35 golang-gopkg-src-d-git-4-4.13.1-7.fc35 golang-k8s-apiextensions-apiserver-1.22.0-5.fc35 golang-k8s-code-generator-1.22.0-3.fc35 golang-k8s-kube-aggregator-1.22.0-3.fc35 golang-k8s-sample-apiserver-1.22.0-4.fc35 golang-k8s-sample-controller-1.22.0-3.fc35 golang-mongodb-mongo-driver-1.4.5-5.fc35 golang-storj-drpc-0.0. 16-5.fc35 golang-x-perf-0-0.14.20210123gitbdcc622.fc35 gopass-1.13.1-2.fc35 grpcurl-1.8.6-2.fc35 onionscan-0.2-6.fc35 shellz-1.5.0-6.fc35 shhgit-0.2-6.fc35 snowcrash-0-0.6.20201119git49b99ad.fc35 xq-0.0.7-3.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d7a412c72 libinput-1.19.4-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fe84314a8e stb-0^20210910gitaf1a5bc-0.2.fc35
The following Fedora 35 Critical Path updates have yet to be approved: Age URL 30 https://bodhi.fedoraproject.org/updates/FEDORA-2022-925ac7bfff gnome-shell-41.5-1.fc35 mutter-41.5-1.fc35 16 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e4ff85f73 annobin-10.59-2.fc35 gcc-11.2.1-10.fc35 8 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e2fc329281 annobin-10.66-1.fc35 8 https://bodhi.fedoraproject.org/updates/FEDORA-2022-59b61235bf binutils-2.37-17.fc35 8 https://bodhi.fedoraproject.org/updates/FEDORA-2022-20c77a3dce mtools-4.0.39-1.fc35 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7c355d4e9b fwupd-efi-1.3-1.fc35 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-1bf06aa328 systemd-249.11-2.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-17ba61ca06 libguestfs-1.48.1-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c5bee6b70f container-selinux-2.181.0-2.fc35 flatpak-1.12.7-2.fc35 osbuild-54-2.fc35 selinux-policy-35.17-1.fc35 snapd-2.55.3-2.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d7a412c72 libinput-1.19.4-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d278d588a1 xdg-desktop-portal-1.12.4-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3759ebabd2 git-2.35.3-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cff7016d31 zchunk-1.2.2-1.fc35
The following builds have been pushed to Fedora 35 updates-testing
ansible-pcp-2.2.5-1.fc35 bind-9.16.28-1.fc35 bind-dyndb-ldap-11.9-12.fc35 golang-github-gdamore-tcell-2-2.5.0-1.fc35 golang-github-mattn-runewidth-0.0.13-1.fc35 kernel-5.17.4-200.fc35 kernel-headers-5.17.4-200.fc35 kernel-tools-5.17.4-200.fc35 kpublictransport-21.12.3-1.fc35 langtable-0.0.58-1.fc35 matrix-synapse-1.57.0-1.fc35 nispor-1.2.5-1.fc35 perl-CPAN-Perl-Releases-5.20220420-1.fc35 perl-Dumbbench-0.503-1.fc35 perl-Module-CoreList-5.20220420-1.fc35 podman-3.4.7-1.fc35 python-blurb-1.1.0-1.fc35 python-elephant-0.11.0-1.fc35 rpm-ostree-2022.8-1.fc35 ruby-3.0.4-152.fc35 stockfish-15-1.fc35 translate-toolkit-3.6.1-1.fc35 uglify-js-3.15.4-1.fc35
Details about builds:
================================================================================ ansible-pcp-2.2.5-1.fc35 (FEDORA-2022-e2f9851577) Ansible Metric collection for Performance Co-Pilot -------------------------------------------------------------------------------- Update Information:
Latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Nathan Scott nathans@redhat.com 2.2.5-1 - Latest upstream release * Tue Feb 15 2022 Nathan Scott nathans@redhat.com 2.2.4-3 - RHEL8.6+, RHEL9+, Fedora - add "ansible-core or ansible" dep * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 2.2.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ bind-9.16.28-1.fc35 (FEDORA-2022-f14354f5a7) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information:
- Upstream [release notes](https://downloads.isc.org/isc/bind9/9.16.28/doc/arm/h tml/notes.html#notes-for-bind-9-16-28) -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Petr Men����k pemensik@redhat.com - 32:9.16.28-1 - Update to 9.16.28 (#2076941) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2076941 - bind-9.16.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=2076941 --------------------------------------------------------------------------------
================================================================================ bind-dyndb-ldap-11.9-12.fc35 (FEDORA-2022-f14354f5a7) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information:
- Upstream [release notes](https://downloads.isc.org/isc/bind9/9.16.28/doc/arm/h tml/notes.html#notes-for-bind-9-16-28) -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Petr Men����k pemensik@redhat.com - 11.9-12 - Rebuilt for BIND 9.16.28 (#2076941) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2076941 - bind-9.16.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=2076941 --------------------------------------------------------------------------------
================================================================================ golang-github-gdamore-tcell-2-2.5.0-1.fc35 (FEDORA-2022-dd5458947b) Alternate terminal package -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 7 2022 Elliott Sales de Andrade quantum.analyst@gmail.com 2.5.0-1 - Update to latest version (#2071807) * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.4.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1964070 - golang-github-mattn-runewidth-0.0.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1964070 [ 2 ] Bug #2071807 - golang-github-gdamore-tcell-2.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2071807 --------------------------------------------------------------------------------
================================================================================ golang-github-mattn-runewidth-0.0.13-1.fc35 (FEDORA-2022-dd5458947b) Functions for getting fixed width of a character or string -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 7 2022 Elliott Sales de Andrade quantum.analyst@gmail.com 0.0.13-1 - Update to latest version (#1964070) * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 0.0.12-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1964070 - golang-github-mattn-runewidth-0.0.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1964070 [ 2 ] Bug #2071807 - golang-github-gdamore-tcell-2.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2071807 --------------------------------------------------------------------------------
================================================================================ kernel-5.17.4-200.fc35 (FEDORA-2022-8efcea6e67) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.17.4 kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Justin M. Forbes jforbes@fedoraproject.org [5.17.4-0] - Add F34 and F35 as release targets (Justin M. Forbes) - Revert "net: bcmgenet: Use stronger register read/writes to assure ordering" (Justin M. Forbes) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2031194 - CVE-2021-4095 kernel: KVM: NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c https://bugzilla.redhat.com/show_bug.cgi?id=2031194 [ 2 ] Bug #2039178 - CVE-2021-4204 kernel: improper input validation may lead to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=2039178 [ 3 ] Bug #2071051 - CVE-2022-1204 kernel: Use after free in net/ax25/af_ax25.c https://bugzilla.redhat.com/show_bug.cgi?id=2071051 --------------------------------------------------------------------------------
================================================================================ kernel-headers-5.17.4-200.fc35 (FEDORA-2022-8efcea6e67) Header files for the Linux kernel for use by glibc -------------------------------------------------------------------------------- Update Information:
The 5.17.4 kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Justin M. Forbes jforbes@fedoraproject.org - 5.17.4-200 - Linux v5.17.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2031194 - CVE-2021-4095 kernel: KVM: NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c https://bugzilla.redhat.com/show_bug.cgi?id=2031194 [ 2 ] Bug #2039178 - CVE-2021-4204 kernel: improper input validation may lead to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=2039178 [ 3 ] Bug #2071051 - CVE-2022-1204 kernel: Use after free in net/ax25/af_ax25.c https://bugzilla.redhat.com/show_bug.cgi?id=2071051 --------------------------------------------------------------------------------
================================================================================ kernel-tools-5.17.4-200.fc35 (FEDORA-2022-8efcea6e67) Assortment of tools for the Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.17.4 kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Justin M. Forbes jforbes@fedoraproject.org - 5.17.4-200 - Linux v5.17.4 rebase -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2031194 - CVE-2021-4095 kernel: KVM: NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c https://bugzilla.redhat.com/show_bug.cgi?id=2031194 [ 2 ] Bug #2039178 - CVE-2021-4204 kernel: improper input validation may lead to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=2039178 [ 3 ] Bug #2071051 - CVE-2022-1204 kernel: Use after free in net/ax25/af_ax25.c https://bugzilla.redhat.com/show_bug.cgi?id=2071051 --------------------------------------------------------------------------------
================================================================================ kpublictransport-21.12.3-1.fc35 (FEDORA-2022-5472964013) Library to assist with accessing public transport timetables and other data -------------------------------------------------------------------------------- Update Information:
Update to latest upstream library verison. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Justin Zobel justin@1707.io - 21.12.3-1 - Update to 21.12.3 --------------------------------------------------------------------------------
================================================================================ langtable-0.0.58-1.fc35 (FEDORA-2022-fff31008f6) Guessing reasonable defaults for locale, keyboard layout, territory, and language. -------------------------------------------------------------------------------- Update Information:
Update to 0.0.58 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Mike FABIAN mfabian@redhat.com - 0.0.58-1 - Update to 0.0.58 - Add syr locale - Get translation changes from CLDR - Add more translations from CLDR - Fix names for keyboard layouts which have changed - Add ab_GE locale - Add rif language --------------------------------------------------------------------------------
================================================================================ matrix-synapse-1.57.0-1.fc35 (FEDORA-2022-2dd3775e0b) A Matrix reference homeserver written in Python using Twisted -------------------------------------------------------------------------------- Update Information:
Changelog: https://github.com/matrix-org/synapse/blob/v1.57.0/CHANGES.md Upgrade notes: https://github.com/matrix- org/synapse/blob/v1.57.0/docs/upgrade.md#upgrading-to-v1570 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Dan Callaghan djc@djc.id.au - 1.57.0-1 - Update to v1.57.0 * Tue Apr 5 2022 Kai A. Hiller V02460@gmail.com - 1.56.0-1 - Update to v1.56.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1984138 - matrix-synapse-1.57.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1984138 --------------------------------------------------------------------------------
================================================================================ nispor-1.2.5-1.fc35 (FEDORA-2022-ff92277510) Unified interface for Linux network state querying -------------------------------------------------------------------------------- Update Information:
Updated to nispor 1.2.5 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 12 2022 Gris Ge fge@redhat.com 1.2.5-1 - Upgrade to 1.2.5 --------------------------------------------------------------------------------
================================================================================ perl-CPAN-Perl-Releases-5.20220420-1.fc35 (FEDORA-2022-47fbefb1d3) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information:
Updated for v5.35.11 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Jitka Plesnikova jplesnik@redhat.com - 5.20220420-1 - 5.20220420 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2077281 - perl-CPAN-Perl-Releases-5.20220420 is available https://bugzilla.redhat.com/show_bug.cgi?id=2077281 --------------------------------------------------------------------------------
================================================================================ perl-Dumbbench-0.503-1.fc35 (FEDORA-2022-75ea3ea924) More reliable bench-marking with the least amount of thinking -------------------------------------------------------------------------------- Update Information:
This release uses monotonic time to prevent from corrupting the meassures when real time is set back. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Petr Pisar ppisar@redhat.com - 0.503-1 - 0.503 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2077403 - perl-Dumbbench-0.503 is available https://bugzilla.redhat.com/show_bug.cgi?id=2077403 --------------------------------------------------------------------------------
================================================================================ perl-Module-CoreList-5.20220420-1.fc35 (FEDORA-2022-2027c4b69a) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information:
Updated for v5.35.11 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Jitka Plesnikova jplesnik@redhat.com - 1:5.20220420-1 - 5.20220420 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2077283 - perl-Module-CoreList-5.20220420 is available https://bugzilla.redhat.com/show_bug.cgi?id=2077283 --------------------------------------------------------------------------------
================================================================================ podman-3.4.7-1.fc35 (FEDORA-2022-c87047f163) Manage Pods, Containers and Container Images -------------------------------------------------------------------------------- Update Information:
Security fixes for CVE-2022-1227, CVE-2022-21698, CVE-2022-27191, CVE-2022-27649 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Lokesh Mandvekar lsm5@fedoraproject.org - 3:3.4.7-1 - built v3.4.7 - Resolves: #2070368, #2074164 - Security fix for CVE-2022-1227 - Resolves: #2045880, #2067448 - Security fix for CVE-2022-21698 - Resolves: #2064702, #2074267 - Security fix for CVE-2022-27191 - Resolves: #2066568, #2070102 - Security fix for CVE-2022-27649 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter https://bugzilla.redhat.com/show_bug.cgi?id=2045880 [ 2 ] Bug #2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server https://bugzilla.redhat.com/show_bug.cgi?id=2064702 [ 3 ] Bug #2066568 - CVE-2022-27649 podman: Default inheritable capabilities for linux container should be empty https://bugzilla.redhat.com/show_bug.cgi?id=2066568 [ 4 ] Bug #2070368 - CVE-2022-1227 psgo: Privilege escalation in 'podman top' https://bugzilla.redhat.com/show_bug.cgi?id=2070368 --------------------------------------------------------------------------------
================================================================================ python-blurb-1.1.0-1.fc35 (FEDORA-2022-5065458a43) Command-line tool to manage CPython Misc/NEWS.d entries -------------------------------------------------------------------------------- Update Information:
Support GitHub Issues in addition to b.p.o (bugs.python.org). -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Petr Viktorin pviktori@redhat.com - 1.1.0-1 - Version 1.1.0 Support GitHub Issues in addition to b.p.o (bugs.python.org). * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.0.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2073623 - python-blurb-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2073623 --------------------------------------------------------------------------------
================================================================================ python-elephant-0.11.0-1.fc35 (FEDORA-2022-5284e35dd6) Elephant is a package for analysis of electrophysiology data in Python -------------------------------------------------------------------------------- Update Information:
Update to latest release -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Ankur Sinha (Ankur Sinha Gmail) sanjay.ankur@gmail.com 0.11.0-1 - feat: update to 0.11.0 (Fixes rhbz#2070262) * Fri Jan 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.10.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rpm-ostree-2022.8-1.fc35 (FEDORA-2022-4813f1daaf) Hybrid image/package system -------------------------------------------------------------------------------- Update Information:
https://github.com/coreos/rpm-ostree/releases/tag/v2022.8 ---- New upstream version 2022.7 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Colin Walters walters@verbum.org - 2022.8-1 - https://github.com/coreos/rpm-ostree/releases/tag/v2022.8 * Mon Apr 11 2022 Colin Walters walters@verbum.org - 2022.7-2 - Rebase to 2022.7 --------------------------------------------------------------------------------
================================================================================ ruby-3.0.4-152.fc35 (FEDORA-2022-8cf0124add) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information:
Upgrade to Ruby 3.0.4. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 19 2022 V��t Ondruch vondruch@redhat.com - 3.0.2-152 - Upgrade to Ruby 3.0.4. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods https://bugzilla.redhat.com/show_bug.cgi?id=2025104 [ 2 ] Bug #2026752 - CVE-2021-41816 ruby: buffer overflow in CGI.escape_html https://bugzilla.redhat.com/show_bug.cgi?id=2026752 [ 3 ] Bug #2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse https://bugzilla.redhat.com/show_bug.cgi?id=2026757 --------------------------------------------------------------------------------
================================================================================ stockfish-15-1.fc35 (FEDORA-2022-beec9819e1) Powerful open source chess engine -------------------------------------------------------------------------------- Update Information:
Update to version 15 https://github.com/official- stockfish/Stockfish/releases/tag/sf_15 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 19 2022 Ondrej Mosnacek omosnace@redhat.com - 15-1 - Bump to version 15 - Resolves: rhbz#2076750 * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 14.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ translate-toolkit-3.6.1-1.fc35 (FEDORA-2022-899e2705d9) Tools to assist with translation and software localization -------------------------------------------------------------------------------- Update Information:
http://docs.translatehouse.org/projects/translate- toolkit/en/latest/releases/3.6.1.html -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 21 2022 Sundeep Anand suanand@redhat.com - 3.6.1-1 - http://docs.translatehouse.org/projects/translate-toolkit/en/latest/releases... -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2076983 - translate-toolkit-3.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2076983 --------------------------------------------------------------------------------
================================================================================ uglify-js-3.15.4-1.fc35 (FEDORA-2022-06b53c1af2) JavaScript parser, mangler/compressor and beautifier toolkit -------------------------------------------------------------------------------- Update Information:
UglifyJS 3.15.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 20 2022 Mattias Ellert mattias.ellert@physics.uu.se - 3.15.4-1 - Update to 3.15.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2073706 - uglify-js-3.15.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2073706 --------------------------------------------------------------------------------