The following Fedora 35 Security updates need testing:
Age URL
112
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9
libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35
105
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11
mysql-connector-java-8.0.28-1.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-19f4c34184
mingw-pcre2-10.40-1.fc35
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-91b747a0d7
golang-github-opencontainers-runc-1.1.2-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-127b6e8a95 weechat-3.5-2.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4ae9110f51
python-jwt-2.4.0-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-25dcba7104
mariadb-10.5.16-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b2e339751b
thunderbird-91.9.1-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-47a86f6258
fapolicyd-1.1.2-1.fc35
The following Fedora 35 Critical Path updates have yet to be approved:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5e6670a900
libretls-3.5.2-1.fc35 netcat-1.218-5.fc35 rpki-client-7.8-2.fc35
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c8f748ea90
librsvg2-2.52.9-1.fc35
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-83c75c8f72 rsync-3.2.4-1.fc35
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2d3c79f71e
osinfo-db-20220516-1.fc35
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e65347ed76
python-blivet-3.4.4-1.fc35
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a5af56609e
webkit2gtk3-2.36.2-1.fc35
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-652849acba
anaconda-35.22.2-5.fc35 gtk3-3.24.34-1.fc35
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-174b57a550 zstd-1.5.2-2.fc35
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb6c837b39
annobin-10.73-1.fc35
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b7ab410b50
pipewire-0.3.51-2.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ffad9aca7a
binutils-2.37-19.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d54fbb6067
whois-5.5.13-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-29305e84f3
libbpf-0.6.1-2.fc35
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-afb8180724
hicolor-icon-theme-0.17-12.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c309c88776
guestfs-tools-1.48.2-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f54fea9b5
libguestfs-1.48.3-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2db7651962
firefox-100.0.2-2.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-55e3c16100
btrfs-progs-5.18-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4d12669c6b
libbytesize-2.7-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b2e339751b
thunderbird-91.9.1-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-11dae769e4
evolution-data-server-3.42.5-2.fc35
The following builds have been pushed to Fedora 35 updates-testing
bind-9.16.29-1.fc35
bind-dyndb-ldap-11.9-13.fc35
ckb-next-0.5.0-1.fc35
dnf-plugins-core-4.2.1-1.fc35
dotnet3.1-3.1.419-1.fc35
fprettify-0.3.7-2.fc35
gnome-control-center-41.7-1.fc35
gnome-shell-extension-system-monitor-applet-38-18.20220527gitb359d88.fc35
gnutls-3.7.6-1.fc35
json-fortran-8.3.0-2.fc35
libzia-4.36-4.fc35
logrotate-3.18.1-4.fc35
pacemaker-2.1.3-0.2.rc2.fc35
pgpdump-0.35-1.fc35
python-catkin_pkg-0.5.2-1.fc35
python-google-cloud-access-context-manager-0.1.11-1.fc35
python-google-cloud-org-policy-1.3.2-1.fc35
python-rospkg-1.4.0-1.fc35
python-uritemplate-4.1.1-1.fc35
sdrangel-7.2.1-1.fc35
wtype-0.4-3.fc35
Details about builds:
================================================================================
bind-9.16.29-1.fc35 (FEDORA-2022-48eb6235a4)
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:
- Update to 9.26.29 - Upstream [release
notes](https://downloads.isc.org/isc/bin
d9/9.16.29/doc/arm/html/notes.html#notes-for-bind-9-16-29)
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 26 2022 Petr Men����k <pemensik(a)redhat.com> - 32:9.16.29-1
- Update to 9.16.29 (#2087920)
- Fix netmgr_test fails on s390x (#2088125)
* Tue May 17 2022 Petr Men����k <pemensik(a)redhat.com> - 32:9.16.28-2
- Parse again timeout and attempts from resolv.conf (#2087156)
- Reenable unit tests during build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2087156 - options timeout, attempts in resolv.conf
https://bugzilla.redhat.com/show_bug.cgi?id=2087156
[ 2 ] Bug #2087920 - bind-9.16.29 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2087920
[ 3 ] Bug #2088125 - [s390x] unit test lib/isc/tests/netmgr_test fails reliably
https://bugzilla.redhat.com/show_bug.cgi?id=2088125
--------------------------------------------------------------------------------
================================================================================
bind-dyndb-ldap-11.9-13.fc35 (FEDORA-2022-48eb6235a4)
LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:
- Update to 9.26.29 - Upstream [release
notes](https://downloads.isc.org/isc/bin
d9/9.16.29/doc/arm/html/notes.html#notes-for-bind-9-16-29)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Petr Men����k <pemensik(a)redhat.com> - 11.9-13
- Rebuild for BIND 9.16.29 (#2087920)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2087156 - options timeout, attempts in resolv.conf
https://bugzilla.redhat.com/show_bug.cgi?id=2087156
[ 2 ] Bug #2087920 - bind-9.16.29 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2087920
[ 3 ] Bug #2088125 - [s390x] unit test lib/isc/tests/netmgr_test fails reliably
https://bugzilla.redhat.com/show_bug.cgi?id=2088125
--------------------------------------------------------------------------------
================================================================================
ckb-next-0.5.0-1.fc35 (FEDORA-2022-0fd453ac19)
Unofficial driver for Corsair RGB keyboards
--------------------------------------------------------------------------------
Update Information:
Update to v0.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 0.5.0-1
- Update to v0.5.0
--------------------------------------------------------------------------------
================================================================================
dnf-plugins-core-4.2.1-1.fc35 (FEDORA-2022-29f6b40ece)
Core Plugins for DNF
--------------------------------------------------------------------------------
Update Information:
- Skip all non rpm tsi for transaction_action plugins (RhBug:2023652)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Jaroslav Rohel <jrohel(a)redhat.com> - 4.2.1-1
- Update to 4.2.1
- Skip all non rpm tsi for transaction_action plugins (rhbug:2023652)
--------------------------------------------------------------------------------
================================================================================
dotnet3.1-3.1.419-1.fc35 (FEDORA-2022-62c0ec2d98)
.NET Core Runtime and SDK
--------------------------------------------------------------------------------
Update Information:
Upstream release notes:
https://github.com/dotnet/core/blob/main/release-
notes/3.1/3.1.25/3.1.25.md
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 26 2022 Omair Majid <omajid(a)redhat.com> - 3.1.419-1
- Update to .NET SDK 3.1.419 and Runtime 3.1.25
--------------------------------------------------------------------------------
================================================================================
fprettify-0.3.7-2.fc35 (FEDORA-2022-efa2764128)
Auto-formatter for modern Fortran source code
--------------------------------------------------------------------------------
Update Information:
Initial release in Fedora.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 25 2022 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 0.3.7-2
- Patch out use of /usr/bin/env python.
* Fri Feb 4 2022 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 0.3.7-1
- Initial package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2050830 - Review Request: fprettify - Auto-formatter for modern Fortran
source code
https://bugzilla.redhat.com/show_bug.cgi?id=2050830
--------------------------------------------------------------------------------
================================================================================
gnome-control-center-41.7-1.fc35 (FEDORA-2022-c83a57d203)
Utilities to configure the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
Update to 41.7 - Updated translations Cellular - Remove duplicate line from
.desktop Info - Allow changing "Device Name" by pressing "Enter" -
Remove
trailing space after CPU name Keyboard - Fix crash resetting all keyboard
shortcuts - Fix leaks Network - Fix saving passwords for non-wifi connections
- Fix critical when opening VPN details page Wacom - Fix leaks
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 David King <amigadave(a)amigadave.com> - 41.7-1
- Update to 41.7
* Thu Mar 3 2022 David King <amigadave(a)amigadave.com> - 41.4-3
- Revert to PNG Fedora logo
* Wed Mar 2 2022 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 41.4-2
- Use SVG version of Fedora logos
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-system-monitor-applet-38-18.20220527gitb359d88.fc35
(FEDORA-2022-7964626ec4)
A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
Added built for RHEL9
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-18.20220527gitb359d88
- Added built for RHEL9
- Updated to last upstream commits
- Updated Brazilian Portuguese and Portuguese translations
- Updated README.md file
* Tue Mar 1 2022 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-17.20220301git2c6eb0a
- Updated to last upstream commits
- Added support for gnome 42
- Fixes SPEC file for rpmlint error rpm-buildroot-usage
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:38-16.20211103git11d43a8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gnutls-3.7.6-1.fc35 (FEDORA-2022-8568c6f3ac)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Rebase gnutls to version 3.7.6 ---- Rebase gnutls to version 3.7.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Zoltan Fridrich <zfridric(a)redhat.com> 3.7.6-1
- [packit] 3.7.6 upstream release
* Tue May 17 2022 Zoltan Fridrich <zfridric(a)redhat.com> 3.7.5-1
- [packit] 3.7.5 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2084825 - gnutls-3.7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2084825
[ 2 ] Bug #2087520 - anaconda (Python) crashes with gnutls 3.7.5: free(): invalid next
size (fast)
https://bugzilla.redhat.com/show_bug.cgi?id=2087520
--------------------------------------------------------------------------------
================================================================================
json-fortran-8.3.0-2.fc35 (FEDORA-2022-ac320886b8)
A Modern Fortran JSON API
--------------------------------------------------------------------------------
Update Information:
First release in Fedora
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 26 2022 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 8.3.0-2
- Require gcc-gfortran for directory ownership.
* Tue May 24 2022 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 8.3.0-1
- Initial release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2089880 - Review Request: json-fortran - A Modern Fortran JSON API
https://bugzilla.redhat.com/show_bug.cgi?id=2089880
--------------------------------------------------------------------------------
================================================================================
libzia-4.36-4.fc35 (FEDORA-2022-c565cb2ff1)
Platform abstraction layer for the tucnak package
--------------------------------------------------------------------------------
Update Information:
Dropped bfd from the pkgconfig requirement
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.36-4
- Dropped bfd from the pkgconfig requirement
Resolves: rhbz#2086525
* Mon May 16 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 4.36-3
- Rebuilt for bfd changes
Resolves: rhbz#2084314
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2088376 - F35FailsToInstall: libzia-devel
https://bugzilla.redhat.com/show_bug.cgi?id=2088376
--------------------------------------------------------------------------------
================================================================================
logrotate-3.18.1-4.fc35 (FEDORA-2022-ff0188b37c)
Rotates, compresses, removes and mails system log files
--------------------------------------------------------------------------------
Update Information:
- lockState: do not print `error:` when exit code is unaffected (#2090926) ----
- fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Kamil Dudka <kdudka(a)redhat.com> - 3.18.1-4
- lockState: do not print `error:` when exit code is unaffected (#2090926)
* Wed May 25 2022 Kamil Dudka <kdudka(a)redhat.com> - 3.18.1-3
- fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2090272 - CVE-2022-1348 logrotate: potential DoS from unprivileged users via
the state file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2090272
[ 2 ] Bug #2090926 - error: state file /var/lib/logrotate/logrotate.status is
world-readable and thus can be locked from other unprivileged users. Skipping lock
acquisition
https://bugzilla.redhat.com/show_bug.cgi?id=2090926
--------------------------------------------------------------------------------
================================================================================
pacemaker-2.1.3-0.2.rc2.fc35 (FEDORA-2022-b3f3423ee8)
Scalable High-Availability cluster resource manager
--------------------------------------------------------------------------------
Update Information:
``` * Mon May 23 2022 Klaus Wenninger <kwenning(a)redhat.com> - 2.1.3-0.2.rc2 -
Update for new upstream tarball for release candidate: Pacemaker-2.1.3-rc2,
for full details, see included ChangeLog file or
https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.1.3-rc2 -
merged in upstream spec-changes - move crm_attribute to cli-package ```
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 23 2022 Klaus Wenninger <kwenning(a)redhat.com> - 2.1.3-0.2.rc2
- Update for new upstream tarball for release candidate: Pacemaker-2.1.3-rc2,
for full details, see included ChangeLog file or
https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.1.3-rc2
- merged in upstream spec-changes - move crm_attribute to cli-package
--------------------------------------------------------------------------------
================================================================================
pgpdump-0.35-1.fc35 (FEDORA-2022-d0fc2c1c60)
PGP packet visualizer
--------------------------------------------------------------------------------
Update Information:
update to 0.35
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Nick Bebout <nb(a)fedoraproject.org> - 0.35-1
- Update to 0.35
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.33-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-catkin_pkg-0.5.2-1.fc35 (FEDORA-2022-4ffcfa6f81)
Library for retrieving information about catkin packages
--------------------------------------------------------------------------------
Update Information:
Update to the latest ROS infrastructure package releases
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Scott K Logan <logans(a)cottsay.net> - 0.5.2-1
- Update to 0.5.2 (rhbz#2090928)
--------------------------------------------------------------------------------
================================================================================
python-google-cloud-access-context-manager-0.1.11-1.fc35 (FEDORA-2022-e089a8d345)
Google Cloud Client Libraries for google-cloud-access-context-manager
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.11
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Major Hayden <major(a)mhtx.net> 0.1.11-1
- Update to 0.1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2090897 - python-google-cloud-access-context-manager-0.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2090897
--------------------------------------------------------------------------------
================================================================================
python-google-cloud-org-policy-1.3.2-1.fc35 (FEDORA-2022-437b5ad608)
Python Client for Google Cloud Organization Policy API
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Major Hayden <major(a)mhtx.net> 1.3.2-1
- Update to 1.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2090919 - python-google-cloud-org-policy-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2090919
--------------------------------------------------------------------------------
================================================================================
python-rospkg-1.4.0-1.fc35 (FEDORA-2022-4ffcfa6f81)
Utilities for ROS package, stack, and distribution information
--------------------------------------------------------------------------------
Update Information:
Update to the latest ROS infrastructure package releases
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Scott K Logan <logans(a)cottsay.net> - 1.4.0-1
- Update to 1.4.0
--------------------------------------------------------------------------------
================================================================================
python-uritemplate-4.1.1-1.fc35 (FEDORA-2022-de531c0c8d)
Simple python library to deal with URI Templates (RFC 6570)
--------------------------------------------------------------------------------
Update Information:
update to 4.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Nick Bebout <nb(a)fedoraproject.org> - 4.1.0-1
- Update to 4.1.0
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.1-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sdrangel-7.2.1-1.fc35 (FEDORA-2022-308b108f22)
Software defined radio (SDR) and signal analyzer frontend to various hardware
--------------------------------------------------------------------------------
Update Information:
This is new version of sdrangel. ---- This is new version of sdrangel. ----
This is new version of sdrangel. ---- This is new version of sdrangel.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 7.2.1-1
- New version
Resolves: rhbz#2090931
* Thu May 26 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 7.2.0-1
- New version
Resolves: rhbz#2090518
* Mon May 23 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 7.1.0-1
- New version
Resolves: rhbz#2088770
* Thu May 19 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 7.0.0-1
- New version
Resolves: rhbz#2070713
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2070713 - sdrangel-7.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2070713
[ 2 ] Bug #2088770 - sdrangel-7.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2088770
[ 3 ] Bug #2090518 - sdrangel-7.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2090518
[ 4 ] Bug #2090931 - sdrangel-7.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2090931
--------------------------------------------------------------------------------
================================================================================
wtype-0.4-3.fc35 (FEDORA-2022-d3324d8ecc)
xdotool type for Wayland
--------------------------------------------------------------------------------
Update Information:
Update to 0.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Major Hayden ���� <major(a)redhat.com> 0.4-2
- Remove forge macros archivename
* Fri May 27 2022 Major Hayden <major(a)redhat.com> 0.4-1
- ���� Update to 0.4
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 0.3-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------