The following Fedora 30 Security updates need testing: Age URL 29 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69da274284 grub2-2.02-87.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11dddb785b samba-4.10.11-0.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20 git-2.21.1-1.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-533a72fec5 fribidi-1.0.5-5.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-46b6bd2459 libssh-0.9.3-1.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6bf27b45b3 cacti-1.2.8-1.fc30 cacti-spine-1.2.8-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8f27a14efa chromium-79.0.3945.79-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e12bd3a9a xen-4.11.3-2.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1051e10c1e wordpress-5.3.1-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3230b2aae9 spamassassin-3.4.3-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c7b5103d2a unbound-1.9.6-1.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c4177f74f5 drupal7-l10n_update-2.3-1.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6abe00cae1 drupal7-webform-4.21-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7938c21723 cyrus-imapd-3.0.13-1.fc30 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-437d94e271 php-7.3.13-1.fc30 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e039dfaa30 htmldoc-1.9.7-1.fc30
The following Fedora 30 Critical Path updates have yet to be approved: Age URL 161 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c05e4425d1 dash-0.5.10.2-3.fc30 29 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 21 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ed226e6112 xorg-x11-server-1.20.6-1.fc30 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1c4b3119a7 passwd-0.80-7.fc30 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0d122cc67a dnf-4.2.17-1.fc30 dnf-plugins-core-4.0.12-1.fc30 libcomps-0.1.14-1.fc30 libdnf-0.39.1-1.fc30 microdnf-3.3.0-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-32a8da0e3a bash-5.0.11-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69da274284 grub2-2.02-87.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-b436a3156c gnupg2-2.2.18-2.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-df017ddeb7 pungi-4.1.41-3.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-decb570505 python-jsonschema-3.2.0-1.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-395944db07 glib-networking-2.60.4-1.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11d1e41933 librepo-1.11.1-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bd81ed62bf make-4.2.1-14.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20 git-2.21.1-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3454e38e8c supermin-5.1.20-11.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-212afebfaf emacs-26.3-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11dddb785b samba-4.10.11-0.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8bcab526a8 tigervnc-1.10.0-2.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a84b238e6 libedit-3.1-30.20191211cvs.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-46b6bd2459 libssh-0.9.3-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e12bd3a9a xen-4.11.3-2.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-888f4b53e8 python3-3.7.5-2.fc30 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2c34f36434 libsolv-0.7.10-1.fc30 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e531f61d41 libseccomp-2.4.2-2.fc30
The following builds have been pushed to Fedora 30 updates-testing
adobe-source-sans-pro-fonts-3.006-1.fc30 cinnamon-settings-daemon-4.4.0-2.fc30 dc3dd-7.2.646-9.fc30 drupal7-7.69-1.fc30 freeciv-2.6.1-1.fc30 glpi-9.4.5-1.fc30 libfm-qt-0.14.1-4.fc30_2 mongo-c-driver-1.15.3-1.fc30 php-getid3-1.9.19-1.fc30 python-sqlalchemy-1.3.12-1.fc30 rng-tools-6.9-1.fc30 vim-8.2.019-1.fc30 wafw00f-2.0.0-1.fc30
Details about builds:
================================================================================ adobe-source-sans-pro-fonts-3.006-1.fc30 (FEDORA-2019-3797947ebe) A set of OpenType fonts designed for user interfaces -------------------------------------------------------------------------------- Update Information:
* Harmonizes glyph set between Roman and Italic styles (with the exception of small capitals) * Adds Cyrillic and Greek to italic fonts (GitHub issue [#87](https://github.com/adobe-fonts/source-sans-pro/issues/87)) * Adds Bulgarian Cyrillic support to fonts (GitHub issue [#104](https://github.com/adobe-fonts/source-sans-pro/issues/104)) * Adjusts the sizing of geometric shapes (GitHub issue [#39](https://github.com/adobe- fonts/source-sans-pro/issues/39)) * Changes florin (U+0192) to letter form (GitHub issue [#42](https://github.com/adobe-fonts/source-sans-pro/issues/42)) * Fixes broken Greek transliteration character sequence for macron + acute (uni0304 + uni0301) (GitHub issue [#74](https://github.com/adobe-fonts/source- sans-pro/issues/74)) * Fixes issue with glyphs not reachable by feature (GitHub issue [#147](https://github.com/adobe-fonts/source-sans-pro/issues/147)) * Restores caron alternate (caroncmb.a) (GitHub issue [#149](https://github.com/adobe-fonts/source-sans-pro/issues/149)) * Adds support for ERASE TO THE RIGHT (U+2326) (GitHub issue [#153](https://github.com/adobe-fonts/source-sans-pro/issues/153)) * Adds COPYLEFT sign (U+1F12F) (GitHub issue [#156](https://github.com/adobe- fonts/source-sans-pro/issues/156)) * Adds diacritics for Pe��h-��e-j�� (U+030D, U+0358) (GitHub issue [#157](https://github.com/adobe-fonts/source-sans- pro/issues/157)) * Adds support for two IPA superscripts: h hook and glottal stop modifiers (U+02B1, U+02C0) (GitHub issue [#160](https://github.com/adobe- fonts/source-sans-pro/issues/160)) * Adds lookupflag IgnoreMarks to kern feature (GitHub issue [#167](https://github.com/adobe-fonts/source-sans-pro/issues/167)) -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Mohamed El Morabity melmorabity@fedoraproject.org - 3.006-1 - Update to 3.006 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1784630 - None https://bugzilla.redhat.com/show_bug.cgi?id=1784630 --------------------------------------------------------------------------------
================================================================================ cinnamon-settings-daemon-4.4.0-2.fc30 (FEDORA-2019-0a538f130b) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information:
- Restore old check for logind -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Leigh Scott leigh123linux@googlemail.com - 4.4.0-2 - Restore old check for logind -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1784779 - Suspend does not work from cinnamon quit menu suspend button even though 'systemctl suspend' does work https://bugzilla.redhat.com/show_bug.cgi?id=1784779 --------------------------------------------------------------------------------
================================================================================ dc3dd-7.2.646-9.fc30 (FEDORA-2019-2e604cc8a7) Patched version of GNU dd for use in computer forensics -------------------------------------------------------------------------------- Update Information:
Update to bugfix release. Fix FTBS. -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 28 2019 Michal Ambroz <rebus [AT] seznam.cz> - 7.2.646-9 - License change to GPLv3+ (the lib/getdate.c is no longer gplv2+) * Sun Oct 20 2019 Michal Ambroz <rebus [AT] seznam.cz> - 7.2.646-8 - use Archlinux patch to fix FTBFS, do not update gnulib embedded library files * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 7.2.646-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Aug 28 2018 Michal Ambroz <rebus [AT] seznam.cz> - 7.2.646-6 - fix FTBFS, update gnulib embedded library files * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 7.2.646-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ drupal7-7.69-1.fc30 (FEDORA-2019-5f1a2cc839) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
RPM notes: - All docs are now in `/usr/share/doc/drupal7/` - All licenses are now in `/usr/share/licenses/drupal7/` - Requires have been updated to include all [phpcompatinfo](http://php5.laurent-laville.org/compatinfo/) extension findings ### 7.69 Maintenance and security release of the Drupal 7 series. This release fixes **security vulnerabilities**. Sites are **[urged to upgrade immediately](https://www.drupal.org/docs/7/update/introduction)** after reading the notes below and the security announcement: - [Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012](https://www.drupal.org/sa- core-2019-012) No other fixes are included. #### Important update information - Drupal 7 includes a bundled version of the pear/archive_tar project, the included version has been updated from 1.4.5 to 1.4.9 in order to mitigate [Drupal core - Critical - Multiple vulnerabilities - SA- CORE-2019-012](https://www.drupal.org/sa-core-2019-012) No changes have been made to the `.htaccess`, `web.config`, `robots.txt`, or default `settings.php` files in this release, so upgrading custom versions of those files is not necessary. ### 7.68 Maintenance release of the Drupal 7 series. Includes bug fixes and small API/feature improvements only (no major, non-backwards- compatible new functionality). No security fixes are included in this release. **This is the first release to fully support PHP 7.3. Please test and report any bugs in the issue queue.** No changes have been made to robots.txt in this release, so upgrading custom versions of that file is not necessary. However, changes have been made to .htaccess, web.config and sites/default/default.settings.php in this release. The .htaccess and web.config changes are detailed in this Change Record: - Access to web.config is blocked in .htaccess (and vice-versa): https://www.drupal.org/node/3098687 Upgrading custom versions of .htaccess and web.config to incorporate this change is recommended, but not required. There is one change to the sites/default/default.settings.php file in this release, but the only change is to file permissions: - [Regression] Fix default.settings.php permission: https://www.drupal.org/node/3035772 #### Major changes since 7.67 - Fully support PHP 7.3 - drupal_http_request() accepts data as an array in Drupal 7 - Access to web.config is blocked in .htaccess (and vice-versa) - New "scripts" element - theme_table() takes an optional footer variable and produces <tfoot> #### All changes since 7.67 - #3098664 by mcdruid: drupal_http_build_query() only accepts arrays (followup to #3059391) - #3097342 by mcdruid, Fabianx: Prepare Drupal 7.68 (CHANGELOG.txt) - #3088938 by DamienMcKenna, webchick, mcdruid: Update the D7 maintainers list - #2902430 by stefanos.petrakis, joseph.olstad, SergFromSD, kiamlaluno, Ayesh, mcdruid, alexpott: [PHP 7.1] A non-numeric value encountered in theme_pager() - #2472025 by stupiddingo, stefanos.petrakis: [D7] Hide toolbar when printing - #2171113 by Pol, wiifm, mw4ll4c3, David_Rothstein, douggreen, Fabianx: Settings returned via ajax are not run through hook_js_alter() - #3059391 by Liam Morland: Use drupal_http_build_query() in drupal_http_request() - #2966335 by mcdruid, dvandijk, David_Rothstein: Avoid DrupalRequestSanitizer not found fatal error when bootstrap phase order is changed - #3025335 by mcdruid, mfb, joseph.olstad, Fabianx, kiamlaluno, Pol: [PHP 7.3] Cannot change session id when session is active - #3055805 by mcdruid, greggles, Ayesh, Darren Oh, David_Rothstein, sidharrell, pwolanin, mkalkbrenner, Sweetchuck, YesCT: file.inc generated .htaccess does not cover PHP 7 - #3047412 by mcdruid, Chi, beckydev, DKAN, alexpott, sammuell, rabbitlair, longwave, greggles, interX: Block web.config in .htaccess (and vice-versa) - #3047844 by mfb, jordanwood, Taran2L: Fix test failures on PHP 5.3 - #3088557: Add mcdruid as provisional Drupal 7 branch maintainer - #3051370 by Pol, markcarver, Fabianx: Create "scripts" element to align rendering workflow to how "styles" are handled - #2814031 by Liam Morland: In drupal_http_request(), allow passing data as array - #1861604 by hefox, joseph.olstad, Sivaji, mgifford, webchick: Skip module_invoke/module_hook in calling hook_watchdog (excessive function_exist) - #2666908 by iamEAP, cilefen: HTTP status 200 returned for ���Additional uncaught exception thrown while handling exception��� - #1892654 by Pol, willvincent, Fabianx: D7 Backport: theme_table() should take an optional footer variable and produce - #3009351 by Pol, mfb, BrianLP: [PHP ��� 7.2] "session_id(): Cannot change session id" - #2684337 by geoffray, Pol, jweowu, Fabianx: Warning: uasort() expects parameter 1 to be array, null given in node_view_multiple() - #3035772 by Pol: [Regression] Fix default.settings.php permission -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Shawn Iwinski shawn.iwinski@gmail.com - 7.69-1 - Update to 7.69 (RHBZ #1784967 / SA-CORE-2019-012) - https://www.drupal.org/sa-core-2019-012 * Mon Dec 16 2019 Shawn Iwinski shawn.iwinski@gmail.com - 7.68-2 - Fix ssh2 dependency (`php-ssh2` => `php-pecl(ssh2)`) * Sat Dec 14 2019 Shawn Iwinski shawn.iwinski@gmail.com - 7.68-1 - Update to 7.68 (RHBZ #1779680) - Use official drupal.org source - Expand requires to include full phpcompatinfo findings - Spec, docs, licenses, and %files revamp -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1779680 - drupal7-7.68 is available https://bugzilla.redhat.com/show_bug.cgi?id=1779680 [ 2 ] Bug #1784967 - drupal7-7.69 is available https://bugzilla.redhat.com/show_bug.cgi?id=1784967 --------------------------------------------------------------------------------
================================================================================ freeciv-2.6.1-1.fc30 (FEDORA-2019-c2aec590a6) A multi-player strategy game -------------------------------------------------------------------------------- Update Information:
2.6.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Gwyn Ciesla gwync@protonmail.com - 2.6.1-1 - 2.6.1 * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 2.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ glpi-9.4.5-1.fc30 (FEDORA-2019-2c514fbf79) Free IT asset management software -------------------------------------------------------------------------------- Update Information:
**Version 9.4.5** Non exhaustive list of changes: * add link PDU on tickets, * fix several issues on search queries, * fix LDAP group import, * fix linking on ITIL objects depending on status * fix case issues synchronizing Active Directoy emails * and more! See [changelog](https://github.com/glpi-project/glpi/milestone/38?closed=1) for details. -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Remi Collet remi@remirepo.net - 9.4.5-1 - update to 9.4.5 - disable test suite with PHP 7.4 --------------------------------------------------------------------------------
================================================================================ libfm-qt-0.14.1-4.fc30_2 (FEDORA-2019-34e73ef1ec) Companion library for PCManFM -------------------------------------------------------------------------------- Update Information:
rebuild libfm-qt for qt5-qtbase-5.12.5 -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Zamir SUN sztsian@gmail.com - 0.14.1-4_2 - rebuild for qt5-qtbase-5.12.5 - Fixes RHBZ 1774360 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1774360 - libfm-qt need to be rebuilt for qt5-qtbase-5.12.5 https://bugzilla.redhat.com/show_bug.cgi?id=1774360 --------------------------------------------------------------------------------
================================================================================ mongo-c-driver-1.15.3-1.fc30 (FEDORA-2019-0a4c78809c) Client library written in C for MongoDB -------------------------------------------------------------------------------- Update Information:
**Version 1.15.3** Bug fixes: * Fix a hang on macOS when connecting to a server over TLS * Add zstd as a dependency when libmongoc static library is compiled with zstd support * Fix compilation on AIX 6.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Remi Collet remi@remirepo.net - 1.15.3-1 - update to 1.15.3 --------------------------------------------------------------------------------
================================================================================ php-getid3-1.9.19-1.fc30 (FEDORA-2019-956e3dd69a) The PHP media file parser -------------------------------------------------------------------------------- Update Information:
**Version 1.9.19**: (2019-12-17) * add placeholder support for WTV (Windows Recorded TV Show) * bugfix (G:210) PHP 7.4 deprecated get_magic_quotes * bugfix (G:207) improved LAME version string parsing * bugfix (G:206) inverted logic in CopyTagsToComments * bugfix (G:203) use getimagesizefromstring if available * Quicktime decode 'uuid' atom for 360fly cameras -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Remi Collet remi@remirepo.net - 1.9.19-1 - update to 1.9.19 --------------------------------------------------------------------------------
================================================================================ python-sqlalchemy-1.3.12-1.fc30 (FEDORA-2019-08d5923d78) Modular and flexible ORM library for python -------------------------------------------------------------------------------- Update Information:
This is a bugfix release. The upstream [announcement](https://www.sqlalchemy.or g/blog/2019/12/16/sqlalchemy-1.3.12-released/) contains a summary and the [chang elog](https://docs.sqlalchemy.org/en/13/changelog/changelog_13.html#change-1.3.1 2) contains a detailed list of changes in version 1.3.12. -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Nils Philippsen nils@tiptoe.de - 1.3.12-1 - version 1.3.12 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1784124 - python-sqlalchemy-1.3.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1784124 --------------------------------------------------------------------------------
================================================================================ rng-tools-6.9-1.fc30 (FEDORA-2019-b6158d5147) Random number generator related utilities -------------------------------------------------------------------------------- Update Information:
Update to latest upstream (bz 1781346) -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Neil Horman nhorman@redhat.com - 6.9-1 - Update to latest upstream (bz 1781346( -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1781346 - rngd uses 100% CPU while in a yield() loop https://bugzilla.redhat.com/show_bug.cgi?id=1781346 --------------------------------------------------------------------------------
================================================================================ vim-8.2.019-1.fc30 (FEDORA-2019-870994ef73) The VIM editor -------------------------------------------------------------------------------- Update Information:
The newest upstream commit -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Zdenek Dohnal zdohnal@redhat.com - 2:8.2.019-1 - patchlevel 019 * Mon Dec 16 2019 Zdenek Dohnal zdohnal@redhat.com - 2:8.2.012-1 - patchlevel 012 * Thu Dec 12 2019 Zdenek Dohnal zdohnal@redhat.com - 2:8.1.2424-1 - patchlevel 2424 * Thu Nov 28 2019 Zdenek Dohnal zdohnal@redhat.com - 2:8.1.2352-1 - patchlevel 2352 * Thu Nov 28 2019 Zdenek Dohnal zdohnal@redhat.com - 2:8.1.2267-2 - leave out f29, will be soon EOL --------------------------------------------------------------------------------
================================================================================ wafw00f-2.0.0-1.fc30 (FEDORA-2019-827b8f2d61) A tool to identifies and fingerprints Web Application Firewall (WAF) -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release 2.0.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 18 2019 Fabian Affolter mail@fabian-affolter.ch - 2.0.0-1 - Update to latest upstream release 2.0.0 - Fix installation issue (rhbz#1770879) - Remove patch * Mon Oct 7 2019 Fabian Affolter mail@fabian-affolter.ch - 1.0.0-3 - Add patch to remove release pinning * Wed Sep 11 2019 Fabian Affolter mail@fabian-affolter.ch - 1.0.0-2 - Remane BRs * Sun May 5 2019 Fabian Affolter mail@fabian-affolter.ch - 1.0.0-1 - Fix files section and add tests - Update to latest upstream release 1.0.0 * Thu Apr 11 2019 Fabian Affolter mail@fabian-affolter.ch - 0.9.6-1 - Update to latest upstream release 0.9.6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1770879 - wafw00f fails to install in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1770879 --------------------------------------------------------------------------------