The following Fedora 35 Security updates need testing: Age URL 52 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9 libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35 44 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-011c2a9ba8 xen-4.15.2-2.fc35 10 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e2996202a0 libtiff-4.3.0-6.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-82a6236ac7 rsh-0.17-100.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a9349c1299 unrealircd-6.0.2-1.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-445ec90e7c cobbler-3.2.2-9.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-40544b5314 389-ds-base-2.0.15-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-eda0e65b01 skopeo-1.7.0-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cce05f0e5e phoronix-test-suite-10.8.2-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d0fe2a444a libkiwix-10.1.0-1.fc35
The following Fedora 35 Critical Path updates have yet to be approved: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-011c2a9ba8 xen-4.15.2-2.fc35 10 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e2996202a0 libtiff-4.3.0-6.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dce04a5adf libretls-3.5.1-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-925ac7bfff gnome-shell-41.5-1.fc35 mutter-41.5-1.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c1b7acba94 web-assets-5-15.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cbd7f6ead4 annobin-10.58-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-86964650b4 tzdata-2022a-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-f6fbdd0d82 python3-docs-3.10.4-1.fc35 python3.10-3.10.4-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e4bdc8e27f squashfs-tools-4.5.1-1.fc35 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-832155a719 xorg-x11-xinit-1.4.0-14.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ee3f6ed74 gdb-11.2-2.fc35
The following builds have been pushed to Fedora 35 updates-testing
bacula-11.0.6-2.fc35 baresip-2.0.1-1.fc35 container-selinux-2.181.0-1.fc35 cups-filters-1.28.13-1.fc35 evolution-data-server-3.42.4-2.fc35 gdal-3.3.3-1.fc35 ginac-1.8.3-1.fc35 gutenprint-5.3.4-8.fc35 hwinfo-21.80-1.fc35 igt-gpu-tools-1.26-1.20220328git37ec3b8.fc35 jacktrip-1.5.3-1.fc35 kernel-5.16.18-200.fc35 koji-osbuild-5-0.fc35 libre-2.2.0-1.fc35 librem-2.0.0-2.fc35 libx86emu-3.5-1.fc35 mingw-fribidi-1.0.10-5.fc35 mingw-gdal-3.3.3-3.fc35 mingw-openexr-3.1.4-1.fc35 mingw-openjpeg2-2.4.0-5.fc35 mingw-python-pillow-8.3.2-3.fc35 mingw-python3-3.10.4-1.fc35 moolticute-0.55.0-1.fc35 netatalk-3.1.13-1.fc35 openjpeg2-2.4.0-5.fc35 php-twig2-2.14.12-1.fc35 php-twig3-3.3.9-1.fc35 plasma-wallpapers-dynamic-4.0.0~git20220328.d37f412-1.fc35 python-ast-monitor-0.1.2-1.fc35 python-kiwisolver-1.4.1-1.fc35 python-myrepos-utils-0.0.1.1-1.fc35 python-pillow-8.3.2-3.fc35 remmina-1.4.25-2.fc35 rust-1.59.0-4.fc35 rust-zram-generator-1.1.2-1.fc35 salt-3004.1-1.fc35 sdl-telnet-1.0.0-5.20220328gite0e2a91.fc35 solaar-1.1.2-1.fc35 twinkle-1.10.3-1.git15ece11.fc35 wayland-1.20.0-4.fc35
Details about builds:
================================================================================ bacula-11.0.6-2.fc35 (FEDORA-2022-710742d988) Cross platform network backup for Linux, Unix, Mac and Windows -------------------------------------------------------------------------------- Update Information:
Bacula 11.0.6 bugfix release. -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 26 2022 Simone Caronni negativo17@gmail.com - 11.0.6-2 - Update/reorganize patches. * Fri Mar 25 2022 Simone Caronni negativo17@gmail.com - 11.0.6-1 - Update to 11.0.6. * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 11.0.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Sep 14 2021 Sahana Prasad sahana@redhat.com - 11.0.5-3 - Rebuilt with OpenSSL 3.0.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1999436 - [F36FTBFS]: bacula fails to build from source in Fedora Rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1999436 [ 2 ] Bug #2018891 - bacula: FTBFS with OpenSSL 3.0.0 https://bugzilla.redhat.com/show_bug.cgi?id=2018891 [ 3 ] Bug #2045215 - bacula: FTBFS in Fedora rawhide/f36 https://bugzilla.redhat.com/show_bug.cgi?id=2045215 --------------------------------------------------------------------------------
================================================================================ baresip-2.0.1-1.fc35 (FEDORA-2022-f5e7b32c4f) Modular SIP user-agent with audio and video support -------------------------------------------------------------------------------- Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter buffer) - test: init fixture - test: refactoring of `test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present - menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu: avoid multiple hash entries with same key - menu: support audio file config value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28) - tls: fix coverity defect - http/client: `read_file` check `ftell` return value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM` - Fix coverity issues - Support adding CRLs - json/decode: fix possible out of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp: fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` - shim: new module from rew - Trice module - retest trice - Add `try_into` conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()` return value - sa_pton: use `sa_addrinfo` for interface suffix -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Robert Scheck robert@fedoraproject.org 2.0.1-1 - Upgrade to 2.0.1 (#2068919) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068919 [ 2 ] Bug #2069304 - libre-2.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2069304 [ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip https://bugzilla.redhat.com/show_bug.cgi?id=2069437 --------------------------------------------------------------------------------
================================================================================ container-selinux-2.181.0-1.fc35 (FEDORA-2022-32eea4f938) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information:
auto bump to v2.181.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 25 2022 RH Container Bot rhcontainerbot@fedoraproject.org 2:2.181.0-1 - auto bump to v2.181.0 --------------------------------------------------------------------------------
================================================================================ cups-filters-1.28.13-1.fc35 (FEDORA-2022-fdbc7b9be7) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information:
1.28.13 -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Zdenek Dohnal zdohnal@redhat.com - 1.28.13-1 - 1.28.13 --------------------------------------------------------------------------------
================================================================================ evolution-data-server-3.42.4-2.fc35 (FEDORA-2022-a03f1ef4d7) Backend data server for Evolution -------------------------------------------------------------------------------- Update Information:
Add an upstream patch to fix a href extraction from a Location header in the EWebDAVSession object. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Milan Crha mcrha@redhat.com - 3.42.4-2 - Resolves: #2068395 (EWebDAVSession: Correct extract of href from Location header) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068395 - Backport "EWebDAVSession: Correct extract of href from Location header" https://bugzilla.redhat.com/show_bug.cgi?id=2068395 --------------------------------------------------------------------------------
================================================================================ gdal-3.3.3-1.fc35 (FEDORA-2022-e85e37206b) GIS file format library -------------------------------------------------------------------------------- Update Information:
Update to gdal-3.3.3 and python-3.10.4. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 4 2022 Sandro Mani manisandro@gmail.com - 3.3.3-1 - Update to 3.3.3 * Fri Feb 4 2022 Sandro Mani manisandro@gmail.com - 3.3.2-2 - Backport patch for CVE-2021-45943 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049069 [ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049070 --------------------------------------------------------------------------------
================================================================================ ginac-1.8.3-1.fc35 (FEDORA-2022-789cd6b73b) C++ library for symbolic calculations -------------------------------------------------------------------------------- Update Information:
Latest upstream minor release. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl 1.8.3-1 - Version 1.8.3 (rhbz#2036442) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2036442 - ginac-1.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2036442 --------------------------------------------------------------------------------
================================================================================ gutenprint-5.3.4-8.fc35 (FEDORA-2022-b1570f0952) Printer Drivers Package -------------------------------------------------------------------------------- Update Information:
2055504 - Set gutenprint53+usb backend to use the default USB context -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Zdenek Dohnal zdohnal@redhat.com - 5.3.4-8 - 2055504 - Set gutenprint53+usb backend to use the default USB context * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 5.3.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2055504 - Set gutenprint53+usb backend to use the default USB context https://bugzilla.redhat.com/show_bug.cgi?id=2055504 --------------------------------------------------------------------------------
================================================================================ hwinfo-21.80-1.fc35 (FEDORA-2022-310ea098ab) Hardware information tool -------------------------------------------------------------------------------- Update Information:
Update to 21.80 -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Andrey Ponomarenko andrewponomarenko@yandex.ru - 21.80-1 - Update to 21.80 --------------------------------------------------------------------------------
================================================================================ igt-gpu-tools-1.26-1.20220328git37ec3b8.fc35 (FEDORA-2022-89fdeaccd6) Test suite and tools for DRM drivers -------------------------------------------------------------------------------- Update Information:
New git snapshot -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Lyude Paul lyude@redhat.com - 1.26-1.20220328git37ec3b8 - New git snapshot --------------------------------------------------------------------------------
================================================================================ jacktrip-1.5.3-1.fc35 (FEDORA-2022-74cfb5b3d9) A system for high-quality audio network performance over the Internet -------------------------------------------------------------------------------- Update Information:
Update to 1.5.3 (#2069182) -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 I��aki ��car iucar@fedoraproject.org - 1.5.3-1 - Update to 1.5.3 (#2069182) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2069182 - jacktrip-1.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2069182 --------------------------------------------------------------------------------
================================================================================ kernel-5.16.18-200.fc35 (FEDORA-2022-eb323bcd80) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.16.18 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Justin M. Forbes jforbes@fedoraproject.org [5.16.18-0] - Revert "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" (Linus Torvalds) - Fix RHDISTGIT for Fedora (Justin M. Forbes) - Fix up changelog (Justin M. Forbes) * Wed Mar 23 2022 Justin M. Forbes jforbes@fedoraproject.org [5.16.17-0] - Linux v5.16.17 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2066706 - CVE-2022-1048 kernel: race condition in snd_pcm_hw_free leading to use-after-free https://bugzilla.redhat.com/show_bug.cgi?id=2066706 --------------------------------------------------------------------------------
================================================================================ koji-osbuild-5-0.fc35 (FEDORA-2022-4fd0112d73) Koji integration for osbuild composer -------------------------------------------------------------------------------- Update Information:
Update koji-osbuild to the latest version -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Packit Service user-cont-team+packit-service@redhat.com - 5-0 CHANGES WITH 5: ---------------- * builder: rename gpg_key field to gpgkey for repos (#91) * builder: fix type annotations (#92) * Add GitHub Action to create upstream tag (#90) * docs: fix error in hacking.md (#85) * build(deps): bump actions/checkout from 2 to 3 (#86) * spec: don't push tests into Fedora (#89) * test/builder: drop misleading quotes from config (#88) * builder: use correct secret when fetching token (#87) * packit: Push directly to dist-git (#84)
Contributions from: Christian Kellner, Ond��ej Budai, Simon Steinbeiss, Stephen Coady, dependabot[bot]
��� Somewhere on the Internet, 2022-03-28 --------------------------------------------------------------------------------
================================================================================ libre-2.2.0-1.fc35 (FEDORA-2022-f5e7b32c4f) Library for real-time communications and SIP stack -------------------------------------------------------------------------------- Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter buffer) - test: init fixture - test: refactoring of `test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present - menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu: avoid multiple hash entries with same key - menu: support audio file config value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28) - tls: fix coverity defect - http/client: `read_file` check `ftell` return value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM` - Fix coverity issues - Support adding CRLs - json/decode: fix possible out of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp: fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` - shim: new module from rew - Trice module - retest trice - Add `try_into` conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()` return value - sa_pton: use `sa_addrinfo` for interface suffix -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Robert Scheck robert@fedoraproject.org 2.2.0-1 - Upgrade to 2.2.0 (#2069304) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068919 [ 2 ] Bug #2069304 - libre-2.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2069304 [ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip https://bugzilla.redhat.com/show_bug.cgi?id=2069437 --------------------------------------------------------------------------------
================================================================================ librem-2.0.0-2.fc35 (FEDORA-2022-f5e7b32c4f) Library for real-time audio and video processing -------------------------------------------------------------------------------- Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter buffer) - test: init fixture - test: refactoring of `test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present - menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu: avoid multiple hash entries with same key - menu: support audio file config value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28) - tls: fix coverity defect - http/client: `read_file` check `ftell` return value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM` - Fix coverity issues - Support adding CRLs - json/decode: fix possible out of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp: fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` - shim: new module from rew - Trice module - retest trice - Add `try_into` conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()` return value - sa_pton: use `sa_addrinfo` for interface suffix -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Robert Scheck robert@fedoraproject.org 2.0.0-2 - Rebuilt for libre 2.2.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068919 [ 2 ] Bug #2069304 - libre-2.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2069304 [ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip https://bugzilla.redhat.com/show_bug.cgi?id=2069437 --------------------------------------------------------------------------------
================================================================================ libx86emu-3.5-1.fc35 (FEDORA-2022-958a6ebeba) x86 emulation library -------------------------------------------------------------------------------- Update Information:
Update to 3.5 -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Andrey Ponomarenko andrewponomarenko@yandex.ru - 3.5-1 - Update to 3.5 --------------------------------------------------------------------------------
================================================================================ mingw-fribidi-1.0.10-5.fc35 (FEDORA-2022-8c2af4ba24) MinGW Windows fribidi library -------------------------------------------------------------------------------- Update Information:
Backport patches for CVE-2022-{25308,25309,25310}. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 1.0.10-5 - Backport patches for CVE-2022-25310, CVE-2022-25309, CVE-2022-25308 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2067040 - CVE-2022-25308 mingw-fribidi: fribidi: Stack based buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2067040 [ 2 ] Bug #2067042 - CVE-2022-25309 mingw-fribidi: fribidi: Heap-buffer-overflow in fribidi_cap_rtl_to_unicode [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2067042 [ 3 ] Bug #2067046 - CVE-2022-25310 mingw-fribidi: fribidi: SEGV in fribidi_remove_bidi_marks [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2067046 --------------------------------------------------------------------------------
================================================================================ mingw-gdal-3.3.3-3.fc35 (FEDORA-2022-e85e37206b) MinGW Windows GDAL library -------------------------------------------------------------------------------- Update Information:
Update to gdal-3.3.3 and python-3.10.4. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 4 2022 Sandro Mani manisandro@gmail.com - 3.3.3-4 - Backport patch for CVE-2021-45943 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049069 [ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049070 --------------------------------------------------------------------------------
================================================================================ mingw-openexr-3.1.4-1.fc35 (FEDORA-2022-f2e0d16c90) MinGW Windows openexr library -------------------------------------------------------------------------------- Update Information:
Fix CVE-2021-45942. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 14 2022 Sandro Mani manisandro@gmail.com - 3.1.4-1 - Update to 3.1.4 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 3.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2051598 - CVE-2021-45942 mingw-openexr: OpenEXR: heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2051598 --------------------------------------------------------------------------------
================================================================================ mingw-openjpeg2-2.4.0-5.fc35 (FEDORA-2022-9515529c96) MinGW Windows openjpeg2 library -------------------------------------------------------------------------------- Update Information:
Fix CVE-2022-1122. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 2.4.0-5 - Backport fix for CVE-2022-1122 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2069370 - CVE-2022-1122 mingw-openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069370 [ 2 ] Bug #2069371 - CVE-2022-1122 openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069371 --------------------------------------------------------------------------------
================================================================================ mingw-python-pillow-8.3.2-3.fc35 (FEDORA-2022-64332f2a7c) MinGW Windows Python pillow library -------------------------------------------------------------------------------- Update Information:
Backport fix for CVE-2022-24303. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 8.3.2-3 - Backport fix for CVE-2022-24303 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2052683 - CVE-2022-24303 mingw-python-pillow: python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related actions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2052683 --------------------------------------------------------------------------------
================================================================================ mingw-python3-3.10.4-1.fc35 (FEDORA-2022-e85e37206b) MinGW Windows python3 -------------------------------------------------------------------------------- Update Information:
Update to gdal-3.3.3 and python-3.10.4. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 3.10.4-1 - Update to 3.10.4 * Fri Mar 25 2022 Sandro Mani manisandro@gmail.com - 3.10.3-2 - Rebuild with mingw-gcc-12 * Sun Mar 20 2022 Sandro Mani manisandro@gmail.com - 3.10.3-1 - Update to 3.10.3 * Mon Feb 28 2022 Sandro Mani manisandro@gmail.com - 3.10.2-14 - Re-add wrapper scripts under mingw host bin dir * Sun Feb 27 2022 Sandro Mani manisandro@gmail.com - 3.10.2-13 - Require python%{py_ver} rather than python(abi) = %{py_ver} * Wed Feb 23 2022 Sandro Mani manisandro@gmail.com - 3.10.2-12 - Rework macros * Thu Feb 17 2022 Sandro Mani manisandro@gmail.com - 3.10.2-11 - Rebuild (openssl) * Fri Feb 11 2022 Sandro Mani manisandro@gmail.com - 3.10.2-10 - Override runtime_library_dir_option in distutils Mingw32Compiler to prevent unsupported -Wl,--enable-new-dtags getting added to ldflags * Thu Feb 10 2022 Sandro Mani manisandro@gmail.com - 3.10.2-9 - Rebuild for new python dependency generator (take two) * Thu Feb 10 2022 Sandro Mani manisandro@gmail.com - 3.10.2-8 - Bump release * Thu Feb 10 2022 Sandro Mani manisandro@gmail.com - 3.10.2-7 - Add missing dependency generator namespace for provides * Thu Feb 10 2022 Sandro Mani manisandro@gmail.com - 3.10.2-6 - Rebuild for new python dependency generator * Thu Feb 10 2022 Sandro Mani manisandro@gmail.com - 3.10.2-5 - Install dependency generators * Sat Jan 22 2022 Sandro Mani manisandro@gmail.com - 3.10.2-4 - Also set CFLAGS/CXX/CXXFLAGS/LDFLAGS in mingw-python wrappers * Fri Jan 21 2022 Tom Stellard tstellar@redhat.com - 3.10.2-3 - Build fix for https://fedoraproject.org/wiki/Changes/SetBuildFlagsBuildCheck * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 3.10.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Jan 18 2022 Sandro Mani manisandro@gmail.com - 3.10.2-1 - Update to 3.10.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049069 [ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2049070 --------------------------------------------------------------------------------
================================================================================ moolticute-0.55.0-1.fc35 (FEDORA-2022-0ae7ce75f7) Companion GUI application for Mooltipass password manager devices -------------------------------------------------------------------------------- Update Information:
**Changelog** All: * fix gnome on wayland crash * smaller window for small resolution screens * bug fix: mc-agent executable correct path * bug fix: Fix crash during service name change * better focus assist detection * simpler key combination for secret tabs on mac (ctrl+f1/f2/f3) * bug fix: Fix delete and rename account to the same name in MMM * Enable to rename login to empty string in MMM * Prevent changing login name to an existing one in MMM * Disable export db prompt when there is no monitored file * Do not save not confirmed changes when exiting MMM * bug fix: integrity check with orphan children nodes * duplicate service check in MMM BLE: * automatic bundle file parsing & password recognition * correct error message when not approving prompts after MMM * prompts for bundle version for v7 -------------------------------------------------------------------------------- ChangeLog:
* Sun Mar 27 2022 Arthur Bols arthur@bols.dev - 0.55.0-1 - Upstream release 0.55.0 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 0.53.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ netatalk-3.1.13-1.fc35 (FEDORA-2022-6ce2e9d7e9) Open Source Apple Filing Protocol(AFP) File Server -------------------------------------------------------------------------------- Update Information:
3.1.13 release -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 22 2022 Andrew Bauer zonexpertconsulting@outlook.com - 5:3.1.13-1 - 3.1.13 release * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 5:3.1.12-28 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Sep 14 2021 Sahana Prasad sahana@redhat.com - 5:3.1.12-27 - Rebuilt with OpenSSL 3.0.0 --------------------------------------------------------------------------------
================================================================================ openjpeg2-2.4.0-5.fc35 (FEDORA-2022-9515529c96) C-Library for JPEG 2000 -------------------------------------------------------------------------------- Update Information:
Fix CVE-2022-1122. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 2.4.0-10 - Backport fix for CVE-2022-1122 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2069370 - CVE-2022-1122 mingw-openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069370 [ 2 ] Bug #2069371 - CVE-2022-1122 openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069371 --------------------------------------------------------------------------------
================================================================================ php-twig2-2.14.12-1.fc35 (FEDORA-2022-c4b7e8d632) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information:
**Version 2.14.12** (2022-03-25) * Fix custom escapers when using multiple Twig environments * Do not reuse internally generated variable names during parsing -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Remi Collet remi@remirepo.net - 2.14.12-1 - update to 2.14.12 --------------------------------------------------------------------------------
================================================================================ php-twig3-3.3.9-1.fc35 (FEDORA-2022-08e5338549) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information:
**Version 3.3.9** (2022-03-25) * Fix custom escapers when using multiple Twig environments * Add support for "constant('class', object)" * Do not reuse internally generated variable names during parsing -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Remi Collet remi@remirepo.net - 3.3.9-1 - update to 3.3.9 --------------------------------------------------------------------------------
================================================================================ plasma-wallpapers-dynamic-4.0.0~git20220328.d37f412-1.fc35 (FEDORA-2022-9d156dfa0b) Dynamic wallpaper plugin for KDE Plasma -------------------------------------------------------------------------------- Update Information:
Bump snapshot, fixes a crash when creating a preview ---- Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 I��aki ��car iucar@fedoraproject.org - 4.0.0~git20220328.d37f412-1 - Bump snapshot, fixes a crash when creating a preview * Sun Mar 27 2022 Neal Gompa ngompa@fedoraproject.org - 4.0.0~git20220327.ca7b129-1 - Bump to snapshot version using AVIF instead HEIF - Modernize spec - Add checks for appstream metainfo and desktop files * Wed Feb 9 2022 RPM Fusion Release Engineering sergiomb@rpmfusion.org - 3.3.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Aug 3 2021 RPM Fusion Release Engineering leigh123linux@gmail.com - 3.3.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Sat Jun 5 2021 I��aki ��car iucar@fedoraproject.org - 3.3.9-1 - Update to v3.3.9 * Sat Nov 14 2020 I��aki ��car iucar@fedoraproject.org - 3.3.5-1 - Initial packaging for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068907 - Review Request: plasma-wallpapers-dynamic - Dynamic wallpaper plugin for KDE Plasma https://bugzilla.redhat.com/show_bug.cgi?id=2068907 --------------------------------------------------------------------------------
================================================================================ python-ast-monitor-0.1.2-1.fc35 (FEDORA-2022-44cee83c3f) AST-Monitor is a wearable Raspberry Pi computer for cyclists -------------------------------------------------------------------------------- Update Information:
New package -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 1 2022 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.1.2-1 - Initial package --------------------------------------------------------------------------------
================================================================================ python-kiwisolver-1.4.1-1.fc35 (FEDORA-2022-07ae69445e) A fast implementation of the Cassowary constraint solver -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Elliott Sales de Andrade quantum.analyst@gmail.com 1.4.1-1 - Update to latest version (#2068926) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068926 - python-kiwisolver-1.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068926 --------------------------------------------------------------------------------
================================================================================ python-myrepos-utils-0.0.1.1-1.fc35 (FEDORA-2022-2459a2dbb6) Additional utilities for myrepos -------------------------------------------------------------------------------- Update Information:
Initial Fedora release of myrepos-utils -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Michel Alexandre Salim salimma@fedoraproject.org 0.0.1.1-1 - Initial Fedora package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068623 - Review Request: python-myrepos-utils - Additional utilities for myrepos https://bugzilla.redhat.com/show_bug.cgi?id=2068623 --------------------------------------------------------------------------------
================================================================================ python-pillow-8.3.2-3.fc35 (FEDORA-2022-64332f2a7c) Python image processing library -------------------------------------------------------------------------------- Update Information:
Backport fix for CVE-2022-24303. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 8.3.2-3 - Backport patch for CVE-2022-24303 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2052683 - CVE-2022-24303 mingw-python-pillow: python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related actions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2052683 --------------------------------------------------------------------------------
================================================================================ remmina-1.4.25-2.fc35 (FEDORA-2022-91a639cd39) Remote Desktop Client -------------------------------------------------------------------------------- Update Information:
Bugfix release. - Add patch: 0001_vnc_close_all_close_git_55e2324a.patch - Add patch: 0002_rdp_possible_segv_git_3620efda.patch -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Phil Wyett philip.wyett@kathenas.org - 1.4.25-2 - Add patch: 0001_vnc_close_all_close_git_55e2324a.patch - Add patch: 0002_rdp_possible_segv_git_3620efda.patch --------------------------------------------------------------------------------
================================================================================ rust-1.59.0-4.fc35 (FEDORA-2022-3d2814b672) The Rust Programming Language -------------------------------------------------------------------------------- Update Information:
Fix wasm32-wasi's static archives. -------------------------------------------------------------------------------- ChangeLog:
* Fri Mar 25 2022 Josh Stone jistone@redhat.com - 1.59.0-4 - Fix the archive index for wasm32-wasi's libc.a * Fri Mar 4 2022 Stephen Gallagher sgallagh@redhat.com - 1.59.0-3 - Rebuild against the bootstrapped build * Fri Mar 4 2022 Stephen Gallagher sgallagh@redhat.com - 1.59.0-2.1 - Bootstrapping for Fedora ELN --------------------------------------------------------------------------------
================================================================================ rust-zram-generator-1.1.2-1.fc35 (FEDORA-2022-95003a8fd5) Systemd unit generator for zram swap devices -------------------------------------------------------------------------------- Update Information:
Minor bugfix update for the linked bug. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl 1.1.2-1 - Version 1.1.2 * Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl 1.1.1-4 - Use correct path in Recommends (rhbz#2068983) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2037392 - zram generaor with writeback device - permission denied https://bugzilla.redhat.com/show_bug.cgi?id=2037392 [ 2 ] Bug #2069090 - rust-zram-generator-1.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2069090 --------------------------------------------------------------------------------
================================================================================ salt-3004.1-1.fc35 (FEDORA-2022-cdb12b5027) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Update to CVE release 3004.1-1 for Python 3 -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Salt Project Packaging saltproject-packaging@vmware.com - 3004.1-1 - Update to CVE release 3004.1-1 for Python 3 * Tue Oct 19 2021 Salt Project Packaging saltproject-packaging@vmware.com - 3004-1 - Update to feature release 3004-1 for Python 3 --------------------------------------------------------------------------------
================================================================================ sdl-telnet-1.0.0-5.20220328gite0e2a91.fc35 (FEDORA-2022-e27536ed81) Simple RFC-compliant TELNET implementation for SDL-Hercules-390 -------------------------------------------------------------------------------- Update Information:
Update summary and description to make it clear this is a fork -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 28 2022 Davide Cavalca dcavalca@fedoraproject.org - 1.0.0-5.20220328gite0e2a91 - Update summary and description to make it clear this is a fork - Update to e0e2a91 git snapshot - Drop f32 logic and tidy up the specfile * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.0.0-4.20210321git2aca101 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ solaar-1.1.2-1.fc35 (FEDORA-2022-4f397f8544) Device manager for a wide range of Logitech devices -------------------------------------------------------------------------------- Update Information:
# 1.1.2 * Update documentation on supported devices and translations * Include evdev as a dependency * Try to use uinput for fake input if XTest extension not available * Add Nano receiver C542 for M190 mice * Broaden range of HID++ Bluetooth devices * Add setting to divert gestures * Rule editor can edit all rule components * Configuation via solaar config takes effect in Solaar UI if it is running * Add setting to disable Onboard Profiles and decouple from Polling Rate setting * Add setting for PERSISTENT_REMAPPABLE_ACTION, common keyboard and mouse cases only * Split Test rule condition into Test and TestBytes and support in rule editor * Fix bug in speed-change setting * Support Backlight3 feature * Ensure that settings are pushed in resume * Update German, Polish, and zh_CN translations * Determine device number for direct-connected devices from protocol * fix bug in add and delete button actions in rule editor * dispose of no-op notifications quickly * add rule condition for checking device settings * use local file for conversion from key names to keysyms * get keyboard group and use to get correct keycodes (X11 only) * improve how rules work under Wayland * add settings for M-Key LEDs and MR-Key LED * fix bug in unpacking M and MR key notification * add G815 keyboard and MX518 mouse * add new special keys for recent keyboards * track M and MR keys for use in rules * make sure that device is online when searching for devices in solaar show * don't check for device kind in dpi sliding setting * fix problem with devices that report 0 DPI * handle missing divert-setting in action RW for settings * add id property (unitId or serial) and don't use ? for unknown serial * fix contains for NamedInts and eliminate use of has_element * check for xtest and disable modifier checking if not available * improve determination of gesture information * add Set rules to rule GUI * add gesture params to Set rules * hide system tray when there are no devices to control * add G733 headset, G9 mouse, G502 Hero mouse * Use greyscale solaar icon in tray when using symbolic icons * Fix bugs in solaar config * Use classes for settings to hep with modularity * Accept '~' and Toggle for toggling boolean settings in cli and rules * handle errors when writing to devices * refactor config_panel.py to use classes for widgets * add rules action to set Solaar settings * decrease amount of logging at each debug level * don't stretch toggles in settings * use key structure for key remapping setting * optimize ReprogrammableKey implementation * keep track of settings that are absent from device * add G512 keyboard and G402 mouse * reformat descriptors.py * use feature numbers for reprogrammable key versions * don't use new_from_icon_set in menu as it is deprecated -------------------------------------------------------------------------------- ChangeLog:
* Sun Mar 27 2022 Dominik Mierzejewski rpm@greysector.net - 1.1.2-1 - update to 1.1.2 (#2068769) - patch to lower evdev version requirement - add explicit build dependency on setuptools - sort build dependencies -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2068769 - solaar-1.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068769 --------------------------------------------------------------------------------
================================================================================ twinkle-1.10.3-1.git15ece11.fc35 (FEDORA-2022-37c6c361b2) SIP-based VoIP client -------------------------------------------------------------------------------- Update Information:
Update to latest snapshot. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 15 2022 Sandro Mani manisandro@gmail.com - 1.10.3-1.git15ece11 - Update to git 15ece11 * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.10.2-12.git2301b66 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ wayland-1.20.0-4.fc35 (FEDORA-2022-ca717e6f35) Wayland Compositor Infrastructure -------------------------------------------------------------------------------- Update Information:
Close file descriptors not needed -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 21 2022 Olivier Fourdan ofourdan@redhat.com - 1.20.0-4 - Close file descriptors not needed rhbz#2062030 * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.20.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Sat Jan 8 2022 Miro Hron��ok mhroncok@redhat.com - 1.20.0-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/LIBFFI34 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2062030 - Xwayland fails with "wl_display@1: error 1: invalid arguments for wl_shm@6.create_pool" https://bugzilla.redhat.com/show_bug.cgi?id=2062030 --------------------------------------------------------------------------------