The following Fedora 31 Security updates need testing: Age URL 58 https://bodhi.fedoraproject.org/updates/FEDORA-2020-fcd5fd47bd qutebrowser-1.11.1-1.fc31 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-218ab035b1 knot-resolver-5.1.2-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-45041afb19 evolution-data-server-3.34.4-2.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e30a990f5a tor-0.4.3.6-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-16741ac7ff nspr-4.26.0-1.fc31 nss-3.54.0-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-54e4356732 bashtop-0.9.24-1.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4e92a61688 glibc-2.30-13.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd0c20d985 clamav-0.102.4-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-519516feec zabbix-4.0.22-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-508df53719 java-1.8.0-openjdk-1.8.0.262.b10-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-93cc9c3ef2 java-11-openjdk-11.0.8.10-2.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d75360e2b0 golang-1.13.14-1.fc31
The following Fedora 31 Critical Path updates have yet to be approved: Age URL 52 https://bodhi.fedoraproject.org/updates/FEDORA-2020-03e14f6120 dracut-050-61.git20200529.fc31 37 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5ccd452c8e gnutls-3.6.14-2.fc31 19 https://bodhi.fedoraproject.org/updates/FEDORA-2020-56e5d11739 python3-3.7.8-1.fc31 python3-docs-3.7.8-1.fc31 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ae00b3db48 perl-Socket-2.030-1.fc31 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1f26a8f191 firewalld-0.7.5-2.fc31 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8a6ee2aa06 thunderbird-68.10.0-1.fc31 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-025ab83d69 pam-1.3.1-25.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-83b2ee6e63 nfs-utils-2.5.1-0.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-54c4dc151a perl-5.30.3-454.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4567712788 tar-1.32-3.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6502a12961 pcre2-10.35-4.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-16741ac7ff nspr-4.26.0-1.fc31 nss-3.54.0-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-45041afb19 evolution-data-server-3.34.4-2.fc31 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4e92a61688 glibc-2.30-13.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1e4efab208 glusterfs-7.7-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-985b8439df gssdp-1.0.5-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-fee64d61b3 cogl-1.22.8-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1845580db2 perl-File-Path-2.17-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-49a936c70c cups-2.2.12-11.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c09ebb871 jasper-2.0.17-1.fc31
The following builds have been pushed to Fedora 31 updates-testing
bleachbit-4.0.0-2.fc31 erlang-22.3.4.3-1.fc31 gerbera-1.4.0-3.fc31 golang-github-getkin-kin-openapi-0.19.0-3.fc31 guayadeque-0.4.7-0.16.20200717git3c54f64.fc31 haproxy-2.0.16-1.fc31 icedtea-web-1.8.2-4.fc31 libebml-1.4.0-1.fc31 libmatroska-1.6.0-1.fc31 mkvtoolnix-48.0.0-1.fc31 mock-2.4-1.fc31 ovn-20.06.1-4.fc31 perl-ExtUtils-HasCompiler-0.022-1.fc31 proftpd-1.3.6e-1.fc31 python-operator-courier-2.1.9-1.fc31 python2-2.7.18-2.fc31 python38-3.8.5-1.fc31 python39-3.9.0~b5-1.fc31 toolbox-0.0.92-1.fc31 xtl-0.6.15-1.fc31
Details about builds:
================================================================================ bleachbit-4.0.0-2.fc31 (FEDORA-2020-b9b8b16520) Remove sensitive data and free up disk space -------------------------------------------------------------------------------- Update Information:
Unretire package. BleachBit 4.0.0 completed the transition to GTK 3 and Python 3. -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ erlang-22.3.4.3-1.fc31 (FEDORA-2020-fde6385bcc) General-purpose programming language and runtime environment -------------------------------------------------------------------------------- Update Information:
Erlang ver. 22.3.4.3 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 20 2020 Peter Lemenkov lemenkov@gmail.com - 22.3.4.3-1 - Ver. 22.3.4.3 --------------------------------------------------------------------------------
================================================================================ gerbera-1.4.0-3.fc31 (FEDORA-2020-4163779303) UPnP Media Server -------------------------------------------------------------------------------- Update Information:
## Matroska stack update. ### libebml 1.4.0: * Due to breaking ABI the soname version has been bumped to 5.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang- tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * Added a function `ForceNoDefault` in the `EbmlElement` class. * Added a function `OverwriteData` in the `EbmlElement` class to complement the existing `OverwriteHead` function. * A C++11 compliant compiler is now required. Several of its features are now used in the source. ### libmatroska 1.6.0: * libEBML v1.4.0 is now required. * Due to breaking ABI the soname version has been bumped to 7.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang-tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * A C++11 compliant compiler is now required. Several of its features are now used in the source. * `KaxCueData` class: added `PositionSet` overrides taking `KaxSimpleBlock` arguments. * `KaxSeekHead` class: the `IndexThis` function now returns a pointer to the newly allocated `KaxSeek` instance. * `KaxBlockData` class: the `SetReferencedTimecode` function is now public. * Fixed classes for updates in the current specification: `KaxTrackTimecodeScale` (can be written again), `TimeSlice`, `SliceLaceNumber`, `TrackAttachmentLink` (these cannot be written anymore), `KaxContentEncAlgo` (it's mandatory), `KaxChapLanguageIETF` (can occur multiple times), `KaxFileUsedStartTime`, `KaxFileUsedEndTime` (DivX-related elements, cannot be written anymore) * Added classes for new elements from the current specification: `KaxBlockAdditionMapping`, `KaxBlockAddIDValue`, `KaxBlockAddIDName`, `KaxBlockAddIDType`, `KaxBlockAddIDExtraData`, `KaxContentEncAESSettings`, `KaxContentEncAESSettings`. * The `MATROSKA_VERSION` pre-processor definition has been removed. You used to be able toe restrict compiling with only those classes for elements contained in Matroska v1, but that hasn't worked since 2010, so��� yeah. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 17 2020 Dominik Mierzejewski rpm@greysector.net - 1.4.0-3 - rebuild for libebml and libmatroska soname bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1842056 - mkvtoolnix-48.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1842056 [ 2 ] Bug #1851593 - libebml-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851593 [ 3 ] Bug #1851594 - libmatroska-1.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851594 --------------------------------------------------------------------------------
================================================================================ golang-github-getkin-kin-openapi-0.19.0-3.fc31 (FEDORA-2020-56548e3eb3) OpenAPI 3.0 implementation for Go -------------------------------------------------------------------------------- Update Information:
Update to 0.19.0 (#1814487) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Robert-Andr�� Mauchin zebob.m@gmail.com - 0.19.0-1 - Update to 0.19.0 (#1814487) * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 0.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1814487 - golang-github-getkin-kin-openapi-0.19.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1814487 --------------------------------------------------------------------------------
================================================================================ guayadeque-0.4.7-0.16.20200717git3c54f64.fc31 (FEDORA-2020-e4ba09b084) Music player -------------------------------------------------------------------------------- Update Information:
Update to 0.4.7-0.16.20200717git3c54f64 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Martin Gansser martinkg@fedoraproject.org - 0.4.7-0.16.20200716git3c54f64 - Update to 0.4.7-0.16.20200716git3c54f64 * Sat May 30 2020 Bj��rn Esser besser82@fedoraproject.org - 0.4.7-0.15.20200528gited0b3ca - Rebuild (jsoncpp) --------------------------------------------------------------------------------
================================================================================ haproxy-2.0.16-1.fc31 (FEDORA-2020-ae0126727e) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information:
Update to 2.0.16 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Ryan O'Hara rohara@redhat.com - 2.0.16-1 - Update to 2.0.16 --------------------------------------------------------------------------------
================================================================================ icedtea-web-1.8.2-4.fc31 (FEDORA-2020-715cd8c644) Additional Java components for OpenJDK - Java browser plug-in and Web Start implementation -------------------------------------------------------------------------------- Update Information:
removal of ITW was leaving dangling alternatives. Fixed -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ libebml-1.4.0-1.fc31 (FEDORA-2020-4163779303) Extensible Binary Meta Language library -------------------------------------------------------------------------------- Update Information:
## Matroska stack update. ### libebml 1.4.0: * Due to breaking ABI the soname version has been bumped to 5.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang- tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * Added a function `ForceNoDefault` in the `EbmlElement` class. * Added a function `OverwriteData` in the `EbmlElement` class to complement the existing `OverwriteHead` function. * A C++11 compliant compiler is now required. Several of its features are now used in the source. ### libmatroska 1.6.0: * libEBML v1.4.0 is now required. * Due to breaking ABI the soname version has been bumped to 7.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang-tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * A C++11 compliant compiler is now required. Several of its features are now used in the source. * `KaxCueData` class: added `PositionSet` overrides taking `KaxSimpleBlock` arguments. * `KaxSeekHead` class: the `IndexThis` function now returns a pointer to the newly allocated `KaxSeek` instance. * `KaxBlockData` class: the `SetReferencedTimecode` function is now public. * Fixed classes for updates in the current specification: `KaxTrackTimecodeScale` (can be written again), `TimeSlice`, `SliceLaceNumber`, `TrackAttachmentLink` (these cannot be written anymore), `KaxContentEncAlgo` (it's mandatory), `KaxChapLanguageIETF` (can occur multiple times), `KaxFileUsedStartTime`, `KaxFileUsedEndTime` (DivX-related elements, cannot be written anymore) * Added classes for new elements from the current specification: `KaxBlockAdditionMapping`, `KaxBlockAddIDValue`, `KaxBlockAddIDName`, `KaxBlockAddIDType`, `KaxBlockAddIDExtraData`, `KaxContentEncAESSettings`, `KaxContentEncAESSettings`. * The `MATROSKA_VERSION` pre-processor definition has been removed. You used to be able toe restrict compiling with only those classes for elements contained in Matroska v1, but that hasn't worked since 2010, so��� yeah. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 7 2020 Dominik Mierzejewski rpm@greysector.net - 1.4.0-1 - update to 1.4.0 (#1851593), ABI bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1842056 - mkvtoolnix-48.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1842056 [ 2 ] Bug #1851593 - libebml-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851593 [ 3 ] Bug #1851594 - libmatroska-1.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851594 --------------------------------------------------------------------------------
================================================================================ libmatroska-1.6.0-1.fc31 (FEDORA-2020-4163779303) Open audio/video container format library -------------------------------------------------------------------------------- Update Information:
## Matroska stack update. ### libebml 1.4.0: * Due to breaking ABI the soname version has been bumped to 5.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang- tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * Added a function `ForceNoDefault` in the `EbmlElement` class. * Added a function `OverwriteData` in the `EbmlElement` class to complement the existing `OverwriteHead` function. * A C++11 compliant compiler is now required. Several of its features are now used in the source. ### libmatroska 1.6.0: * libEBML v1.4.0 is now required. * Due to breaking ABI the soname version has been bumped to 7.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang-tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * A C++11 compliant compiler is now required. Several of its features are now used in the source. * `KaxCueData` class: added `PositionSet` overrides taking `KaxSimpleBlock` arguments. * `KaxSeekHead` class: the `IndexThis` function now returns a pointer to the newly allocated `KaxSeek` instance. * `KaxBlockData` class: the `SetReferencedTimecode` function is now public. * Fixed classes for updates in the current specification: `KaxTrackTimecodeScale` (can be written again), `TimeSlice`, `SliceLaceNumber`, `TrackAttachmentLink` (these cannot be written anymore), `KaxContentEncAlgo` (it's mandatory), `KaxChapLanguageIETF` (can occur multiple times), `KaxFileUsedStartTime`, `KaxFileUsedEndTime` (DivX-related elements, cannot be written anymore) * Added classes for new elements from the current specification: `KaxBlockAdditionMapping`, `KaxBlockAddIDValue`, `KaxBlockAddIDName`, `KaxBlockAddIDType`, `KaxBlockAddIDExtraData`, `KaxContentEncAESSettings`, `KaxContentEncAESSettings`. * The `MATROSKA_VERSION` pre-processor definition has been removed. You used to be able toe restrict compiling with only those classes for elements contained in Matroska v1, but that hasn't worked since 2010, so��� yeah. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 7 2020 Dominik Mierzejewski rpm@greysector.net - 1.6.0-1 - update to 1.6.0 (#1851594), ABI bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1842056 - mkvtoolnix-48.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1842056 [ 2 ] Bug #1851593 - libebml-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851593 [ 3 ] Bug #1851594 - libmatroska-1.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851594 --------------------------------------------------------------------------------
================================================================================ mkvtoolnix-48.0.0-1.fc31 (FEDORA-2020-4163779303) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information:
## Matroska stack update. ### libebml 1.4.0: * Due to breaking ABI the soname version has been bumped to 5.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang- tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * Added a function `ForceNoDefault` in the `EbmlElement` class. * Added a function `OverwriteData` in the `EbmlElement` class to complement the existing `OverwriteHead` function. * A C++11 compliant compiler is now required. Several of its features are now used in the source. ### libmatroska 1.6.0: * libEBML v1.4.0 is now required. * Due to breaking ABI the soname version has been bumped to 7.0.0. * Default symbol visibility is now "hidden", reducing binary size. * Converted some things pointed out by cppcheck & clang-tidy to C++11. * Fixed a lot of issues pointed out by clang-tidy. * A C++11 compliant compiler is now required. Several of its features are now used in the source. * `KaxCueData` class: added `PositionSet` overrides taking `KaxSimpleBlock` arguments. * `KaxSeekHead` class: the `IndexThis` function now returns a pointer to the newly allocated `KaxSeek` instance. * `KaxBlockData` class: the `SetReferencedTimecode` function is now public. * Fixed classes for updates in the current specification: `KaxTrackTimecodeScale` (can be written again), `TimeSlice`, `SliceLaceNumber`, `TrackAttachmentLink` (these cannot be written anymore), `KaxContentEncAlgo` (it's mandatory), `KaxChapLanguageIETF` (can occur multiple times), `KaxFileUsedStartTime`, `KaxFileUsedEndTime` (DivX-related elements, cannot be written anymore) * Added classes for new elements from the current specification: `KaxBlockAdditionMapping`, `KaxBlockAddIDValue`, `KaxBlockAddIDName`, `KaxBlockAddIDType`, `KaxBlockAddIDExtraData`, `KaxContentEncAESSettings`, `KaxContentEncAESSettings`. * The `MATROSKA_VERSION` pre-processor definition has been removed. You used to be able toe restrict compiling with only those classes for elements contained in Matroska v1, but that hasn't worked since 2010, so��� yeah. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 8 2020 Dominik Mierzejewski rpm@greysector.net - 48.0.0-1 - update to 48.0.0 (#1842056) - switch to bundled fmt (too old in F31) - enable DVD chapters support via libdvdread - bump minimum libebml and libmatroska versions -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1842056 - mkvtoolnix-48.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1842056 [ 2 ] Bug #1851593 - libebml-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851593 [ 3 ] Bug #1851594 - libmatroska-1.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1851594 --------------------------------------------------------------------------------
================================================================================ mock-2.4-1.fc31 (FEDORA-2020-619a166380) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information:
- mockbuild/buildroot: Make btrfs-control available if host supports it - Add `module_setup_commands` configuration option - Use a different .rpmmacros for install/build time - lvm: don't recall set_current_snapshot unnecessarily - mock: copy source CA certificates -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Miroslav Such�� msuchy@redhat.com 2.4-1 - mockbuild/buildroot: Make btrfs-control available if host supports it (ngompa13@gmail.com) - Add `module_setup_commands` configuration option (praiskup@redhat.com) - Use a different .rpmmacros for install/build time (praiskup@redhat.com) - lvm: don't recall set_current_snapshot unnecessarily (praiskup@redhat.com) - mock: copy source CA certificates (kdreyer@redhat.com) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1848201 - Setting netsharedpath in .rpmmacros causes lorax to fail when run inside of mock https://bugzilla.redhat.com/show_bug.cgi?id=1848201 --------------------------------------------------------------------------------
================================================================================ ovn-20.06.1-4.fc31 (FEDORA-2020-4923bcab54) Open Virtual Network support -------------------------------------------------------------------------------- Update Information:
Backport "ovn-controller: Fix the missing ct zone entries for container ports." (#1858191) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Numan Siddique nusiddiq@redhat.com - 20.06.1-4 - Backport "ovn-controller: Fix the missing ct zone entries for container ports." (#1858191) * Thu Jul 16 2020 Numan Siddique nusiddiq@redhat.com - 20.06.1-3 - Backport "ovn-controller: Fix the missing flows with monitor-all set to True" (#1857537) * Thu Jul 16 2020 Numan Siddique nusiddiq@redhat.com - 20.06.1-2 - Backport "Introduce icmp6_error action" (#1846300) - Backport "Introduce icmp6.frag_mtu action" (#1846300) - Backport "northd: introduce icmp6_error logical flows in router pipeline" (#1846300) * Thu Jul 16 2020 Numan Siddique nusiddiq@redhat.com - 20.06.1-1 - Backport "Support packet metadata marking for logical router policies." (#1828933) - Backport "ovn-nbctl: Enhance lr-policy-add to set the options."(#1828933) - Backport "pinctrl: Support DHCPRELEASE and DHCPINFORM in native OVN dhcp responder." (#1801258) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1858191 - the connection to load balancer VIP breaks when ACL is added https://bugzilla.redhat.com/show_bug.cgi?id=1858191 --------------------------------------------------------------------------------
================================================================================ perl-ExtUtils-HasCompiler-0.022-1.fc31 (FEDORA-2020-4ecef20360) Check for the presence of a compiler -------------------------------------------------------------------------------- Update Information:
This releases recongizes a MSYS compiler. We deliver it mainly to provide an up- to-date version string. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Petr Pisar ppisar@redhat.com - 0.022-1 - 0.022 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1858951 - perl-ExtUtils-HasCompiler-0.022 is available https://bugzilla.redhat.com/show_bug.cgi?id=1858951 --------------------------------------------------------------------------------
================================================================================ proftpd-1.3.6e-1.fc31 (FEDORA-2020-a79e48111e) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information:
This is the current upstream maintenance release, fixing an issue where an sftp client could crash the server. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Paul Howarth paul@city-fan.org - 1.3.6e-1 - Update to 1.3.6e - Fixed null pointer dereference in mod_sftp when using SCP incorrectly (https://github.com/proftpd/proftpd/issues/1043) --------------------------------------------------------------------------------
================================================================================ python-operator-courier-2.1.9-1.fc31 (FEDORA-2020-520b9a2f15) Library and CLI tool to build, verify and push operator metadata -------------------------------------------------------------------------------- Update Information:
New upstream release -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Martin Ba��ti mbasti@redhat.com - 2.1.9-1 - New upstream release 2.1.9 --------------------------------------------------------------------------------
================================================================================ python2-2.7.18-2.fc31 (FEDORA-2020-826b24c329) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information:
Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907) -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 20 2020 Petr Viktorin pviktori@redhat.com - 2.7.18-2 - Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907) Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1856481 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1856485 - CVE-2019-20907 python2: python: infinite loop in the tarfile module via crafted TAR archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1856485 --------------------------------------------------------------------------------
================================================================================ python38-3.8.5-1.fc31 (FEDORA-2020-bb919e575e) Version 3.8 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
Python 3.8.5 security update. Contains security fix fro CVE-2019-20907. [Full ch angelog](https://docs.python.org/3/whatsnew/changelog.html#python-3-8-5-final). ---- Security fix for CVE-2020-14422 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 20 2020 Miro Hron��ok mhroncok@redhat.com - 3.8.5-1 - Update to 3.8.5 * Tue Jul 14 2020 Tomas Hrnciar thrnciar@redhat.com - 3.8.4-1 - Update to 3.8.4 * Tue Jun 30 2020 Miro Hron��ok mhroncok@redhat.com - 3.8.4~rc1-1 - Rebased to 3.8.4rc1 * Fri May 29 2020 Victor Stinner vstinner@python.org - 3.8.3-2 - Fix sqlite3 deterministic test -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1854926 - CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes https://bugzilla.redhat.com/show_bug.cgi?id=1854926 [ 2 ] Bug #1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive https://bugzilla.redhat.com/show_bug.cgi?id=1856481 --------------------------------------------------------------------------------
================================================================================ python39-3.9.0~b5-1.fc31 (FEDORA-2020-aab24d3714) Version 3.9 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
Python 3.9.0b5 update. Contains security fix for CVE-2019-20907. [Full changelog ](https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-0-beta-5). Large autogenerated modules (`pydoc_data` and several encodings) are now present as `pyc` (optimization 0) files only. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 20 2020 Miro Hron��ok mhroncok@redhat.com - 3.9.0~b5-1 - Update to 3.9.0b5 * Thu Jul 16 2020 Marcel Plch mplch@redhat.com - 3.9.0~b4-2 - Remove large, autogenerated Python sources and redundant pycache levels to reduce filesystem footprint -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive https://bugzilla.redhat.com/show_bug.cgi?id=1856481 --------------------------------------------------------------------------------
================================================================================ toolbox-0.0.92-1.fc31 (FEDORA-2020-a3ea6e6b44) Unprivileged development environment -------------------------------------------------------------------------------- Update Information:
* Rewrite Toolbox in Go * Remove support for toolbox containers created by Toolbox 0.0.9 and older * Add option --version to show current Toolbox version * Add options --log-level and --log-podman as possible future replacements for --verbose and --very-verbose * Clean up the spinner when aborted by SIGINT (or ctrl+c) and such * Fix duplication in the output of the list command * Mark the reset command as deprecated (replaced by 'podman system reset') * Show an error if $PWD is missing inside the container * Support specifying the name of a toolbox container as an argument to the create and enter commands, in addition to the --container option -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Debarshi Ray rishi@fedoraproject.org - 0.0.92-1 - Update to 0.0.92 * Tue Jul 21 2020 Debarshi Ray rishi@fedoraproject.org - 0.0.91-2 - Fix the 'toolbox --version' output * Tue Jul 21 2020 Harry M��chal harrymichal@seznam.cz - 0.0.91-1 - Update to 0.0.91 * Tue Jul 21 2020 Debarshi Ray rishi@fedoraproject.org - 0.0.18-3 - Remove ExclusiveArch to match Podman --------------------------------------------------------------------------------
================================================================================ xtl-0.6.15-1.fc31 (FEDORA-2020-93b4c2f6b7) QuantStack tools library -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 21 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.6.15-1 - Update to latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1856445 - xtl-0.6.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1856445 --------------------------------------------------------------------------------