The following Fedora 34 Security updates need testing:
Age URL
85
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6aba96e1b8
radare2-5.6.4-1.fc34
37
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e980dc71b1
golang-github-opencontainers-runc-1.1.2-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6e226a21ed weechat-3.5-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ebd42ce1c
thunderbird-91.9.1-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c5a8d2c7f4
firefox-100.0.2-2.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
415
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
137
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3b891fe11 gdb-11.1-7.fc34
85
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f3103b973
hwdata-0.357-1.fc34
66
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dab75a01b8
gnome-shell-40.10-1.fc34 gnome-shell-extensions-40.7-1.fc34 mutter-40.10-1.fc34
52
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb1d10aba3 libldb-2.3.3-1.fc34
samba-4.14.13-0.fc34
37
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b9a676a6de
libretls-3.5.2-1.fc34 netcat-1.218-5.fc34 rpki-client-7.8-2.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4f0b4a4d73
linux-firmware-20220509-132.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-43cfd2bbc1 rsync-3.2.4-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1180dadb39
ansible-packaging-1-5.fc34 redhat-rpm-config-184-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-45ea77ca58
python3-docs-3.9.13-1.fc34 python3.9-3.9.13-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-4bb6cff5a1
libdv-1.0.0-36.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c5a8d2c7f4
firefox-100.0.2-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ebd42ce1c
thunderbird-91.9.1-1.fc34
The following builds have been pushed to Fedora 34 updates-testing
ckb-next-0.5.0-1.fc34
dotnet3.1-3.1.419-1.fc34
gnome-shell-extension-system-monitor-applet-38-18.20220527gitb359d88.fc34
gnutls-3.7.6-1.fc34
logrotate-3.18.0-5.fc34
python-catkin_pkg-0.5.2-1.fc34
python-rospkg-1.4.0-1.fc34
Details about builds:
================================================================================
ckb-next-0.5.0-1.fc34 (FEDORA-2022-ae1f5ab39c)
Unofficial driver for Corsair RGB keyboards
--------------------------------------------------------------------------------
Update Information:
Update to v0.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 0.5.0-1
- Update to v0.5.0
--------------------------------------------------------------------------------
================================================================================
dotnet3.1-3.1.419-1.fc34 (FEDORA-2022-21c312c05b)
.NET Core Runtime and SDK
--------------------------------------------------------------------------------
Update Information:
Upstream release notes:
https://github.com/dotnet/core/blob/main/release-
notes/3.1/3.1.25/3.1.25.md
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 26 2022 Omair Majid <omajid(a)redhat.com> - 3.1.419-1
- Update to .NET SDK 3.1.419 and Runtime 3.1.25
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-system-monitor-applet-38-18.20220527gitb359d88.fc34
(FEDORA-2022-164274ed61)
A Gnome shell system monitor extension
--------------------------------------------------------------------------------
Update Information:
Added built for RHEL9
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-18.20220527gitb359d88
- Added built for RHEL9
- Updated to last upstream commits
- Updated Brazilian Portuguese and Portuguese translations
- Updated README.md file
* Tue Mar 1 2022 Nicolas Vi��ville <nicolas.vieville(a)uphf.fr> -
1:38-17.20220301git2c6eb0a
- Updated to last upstream commits
- Added support for gnome 42
- Fixes SPEC file for rpmlint error rpm-buildroot-usage
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:38-16.20211103git11d43a8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gnutls-3.7.6-1.fc34 (FEDORA-2022-d46bf7581b)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Rebase gnutls to version 3.7.6 ---- Rebase gnutls to version 3.7.5
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Zoltan Fridrich <zfridric(a)redhat.com> 3.7.6-1
- [packit] 3.7.6 upstream release
* Tue May 17 2022 Zoltan Fridrich <zfridric(a)redhat.com> 3.7.5-1
- [packit] 3.7.5 upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2084825 - gnutls-3.7.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2084825
[ 2 ] Bug #2087520 - anaconda (Python) crashes with gnutls 3.7.5: free(): invalid next
size (fast)
https://bugzilla.redhat.com/show_bug.cgi?id=2087520
--------------------------------------------------------------------------------
================================================================================
logrotate-3.18.0-5.fc34 (FEDORA-2022-14f7b1a698)
Rotates, compresses, removes and mails system log files
--------------------------------------------------------------------------------
Update Information:
- lockState: do not print `error:` when exit code is unaffected (#2090926) ----
- fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Kamil Dudka <kdudka(a)redhat.com> - 3.18.0-5
- lockState: do not print `error:` when exit code is unaffected (#2090926)
* Wed May 25 2022 Kamil Dudka <kdudka(a)redhat.com> - 3.18.0-4
- fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2090272 - CVE-2022-1348 logrotate: potential DoS from unprivileged users via
the state file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2090272
[ 2 ] Bug #2090926 - error: state file /var/lib/logrotate/logrotate.status is
world-readable and thus can be locked from other unprivileged users. Skipping lock
acquisition
https://bugzilla.redhat.com/show_bug.cgi?id=2090926
--------------------------------------------------------------------------------
================================================================================
python-catkin_pkg-0.5.2-1.fc34 (FEDORA-2022-5a7d09bd92)
Library for retrieving information about catkin packages
--------------------------------------------------------------------------------
Update Information:
Update to the latest ROS infrastructure package releases
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Scott K Logan <logans(a)cottsay.net> - 0.5.2-1
- Update to 0.5.2 (rhbz#2090928)
--------------------------------------------------------------------------------
================================================================================
python-rospkg-1.4.0-1.fc34 (FEDORA-2022-5a7d09bd92)
Utilities for ROS package, stack, and distribution information
--------------------------------------------------------------------------------
Update Information:
Update to the latest ROS infrastructure package releases
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2022 Scott K Logan <logans(a)cottsay.net> - 1.4.0-1
- Update to 1.4.0
--------------------------------------------------------------------------------