[SECURITY] Fedora 31 Update: PyYAML-5.3-2.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-3162499159
2020-02-29 22:31:35.495168
--------------------------------------------------------------------------------
Name : PyYAML
Product : Fedora 31
Version : 5.3
Release : 2.fc31
URL : https://github.com/yaml/pyyaml
Summary : YAML parser and emitter for Python
Description :
YAML is a data serialization format designed for human readability and
interaction with scripting languages. PyYAML is a YAML parser and
emitter for Python.
PyYAML features a complete YAML 1.1 parser, Unicode support, pickle
support, capable extension API, and sensible error messages. PyYAML
supports standard YAML tags and provides Python-specific tags that
allow to represent an arbitrary Python object.
PyYAML is applicable for a broad range of tasks from complex
configuration files to object serialization and persistence.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2019-20477
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Jan 6 2020 John Eckersberg <eck(a)redhat.com> - 5.3-1
- New upstream release 5.3
* Tue Dec 3 2019 John Eckersberg <eck(a)redhat.com> - 5.2-1
- New upstream release 5.2
* Fri Nov 22 2019 John Eckersberg <eck(a)redhat.com> - 5.1.2-4
- Build without python2 by default (rhbz#1775075)
* Thu Sep 19 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 5.1.2-3
- Stop providing PyYAML from python2-pyyaml, Python now means Python 3
* Thu Aug 15 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 5.1.2-2
- Rebuilt for Python 3.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1806005 - CVE-2019-20477 PyYAML: command execution through python/object/apply constructor in FullLoader
https://bugzilla.redhat.com/show_bug.cgi?id=1806005
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-3162499159' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: rust-afterburn-4.3.1-2.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-aa8c1e9575
2020-02-29 22:31:35.495155
--------------------------------------------------------------------------------
Name : rust-afterburn
Product : Fedora 31
Version : 4.3.1
Release : 2.fc31
URL : https://crates.io/crates/afterburn
Summary : Simple cloud provider agent
Description :
Simple cloud provider agent.
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 11 2020 Igor Raits <ignatenkobrain(a)fedoraproject.org> - 4.3.1-2
- Update deps
* Fri Feb 7 2020 Robert Fairley <rfairley(a)redhat.com> - 4.3.1-1
- Update to 4.3.1
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jan 9 2020 Josh Stone <jistone(a)redhat.com> - 4.2.0-2
- Bump to nix 0.16, mockito 0.22
* Tue Oct 15 2019 Robert Fairley <rfairley(a)redhat.com> - 4.2.0-1
- Update to 4.2.0
* Sat Sep 21 2019 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 4.1.3-1
- Update to 4.1.3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-aa8c1e9575' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: oomd-0.3.2-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-88372e5025
2020-02-29 22:31:35.495141
--------------------------------------------------------------------------------
Name : oomd
Product : Fedora 31
Version : 0.3.2
Release : 1.fc31
URL : https://github.com/facebookincubator/oomd/
Summary : Userspace Out-Of-Memory (OOM) killer
Description :
Out of memory killing has historically happened inside kernel space. On a
memory overcommitted linux system, malloc(2) and friends usually never fail.
However, if an application dereferences the returned pointer and the system has
run out of physical memory, the linux kernel is forced take extreme measures,
up to and including killing processes. This is sometimes a slow and painful
process because the kernel can spend an unbounded amount of time swapping in
and out pages and evicting the page cache. Furthermore, configuring policy is
not very flexible while being somewhat complicated.
oomd aims to solve this problem in userspace. oomd leverages PSI and cgroupv2
to monitor a system holistically. oomd then takes corrective action in
userspace before an OOM occurs in kernel space. Corrective action is configured
via a flexible plugin system, in which custom code can be written. By default,
this involves killing offending processes. This enables an unparalleled level
of flexibility where each workload can have custom protection rules.
Furthermore, time spent livedlocked in kernelspace is minimized.
--------------------------------------------------------------------------------
Update Information:
Update to v0.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 19 2020 Filipe Brandenburger <filbranden(a)gmail.com> - 0.3.2-1
- Update to v0.3.2
* Tue Feb 18 2020 Filipe Brandenburger <filbranden(a)gmail.com> - 0.3.1-1
- Update to v0.3.1
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Nov 14 2019 Bj��rn Esser <besser82(a)fedoraproject.org> - 0.2.0-5
- Rebuild (jsoncpp)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-88372e5025' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: libfido2-1.3.1-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-e16a44b885
2020-02-29 22:31:35.495114
--------------------------------------------------------------------------------
Name : libfido2
Product : Fedora 31
Version : 1.3.1
Release : 1.fc31
URL : https://github.com/Yubico/libfido2
Summary : FIDO2 library
Description :
libfido2 is an open source library to support the FIDO2 protocol. FIDO2 is
an open authentication standard that consists of the W3C Web Authentication
specification (WebAuthn API), and the Client to Authentication Protocol
(CTAP). CTAP is an application layer protocol used for communication
between a client (browser) or a platform (operating system) with an external
authentication device (for example the Yubico Security Key).
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.1 release ---- New libfido2 package
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 20 2020 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.3.1-1
- 1.3.1 release
* Mon Dec 16 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.3.0-3
- use yubico corp release site for sources and gpg signature
* Sat Dec 14 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.3.0-2
- packaging cleanups
* Sat Nov 30 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.3.0-1
- 1.3.0 release
* Mon Jul 29 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.2.0-1
- 1.2.0 release
* Sat May 11 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.1.0-1
- 1.1.0 release
* Fri Apr 5 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.0.0-2
- include backported upstream patches for compiler dependencies and soname version
- modify libdir glob to meet newer packaging recommendations
* Thu Mar 21 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 1.0.0-1
- 1.0.0 release
* Mon Jan 7 2019 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.4.0-1
- 0.4.0 release
* Wed Sep 12 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-1
- 0.3.0 release
* Fri Sep 7 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.8.20180907git878fcd8
- update to upstream master
* Thu Sep 6 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.7.20180906gitff7ece8
- update to upstream master
* Wed Sep 5 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.6.20180905gitcb4951c
- update to upstream master
* Tue Sep 4 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.5.20180904git2b5f0d0
- update to upstream master
* Mon Aug 27 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.4.20180827git9d178b2
- Update to upstream master
* Thu Aug 23 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.3.20180823git0f40181
- Update to upstream master
* Tue Aug 21 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.2.20180821gitfff65a4
- Update to upstream master
* Wed Aug 8 2018 Gary Buhrmaster <gary.buhrmaster(a)gmail.com> 0.3.0-0.1.20180808git5be8903
- Update to new spec
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-e16a44b885' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: indistarter-2.2.0-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-e8f401c66d
2020-02-29 22:31:35.495128
--------------------------------------------------------------------------------
Name : indistarter
Product : Fedora 31
Version : 2.2.0
Release : 1.fc31
URL : http://indistarter.sourceforge.net/
Summary : GUI to start, stop and control an INDI server
Description :
Indistarter is a user interface to run a INDI server.
You can configure different profile for your astronomical equipment.
The INDI server can be launched locally or remotely on another computer.
In this last case a ssh tunnel is established to allow local client connection.
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 21 2020 Mattia Verga <mattia.verga(a)protonmail.com> 2.2.0-1
- Upgrade to 2.2.0
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sun Jan 5 2020 Mattia Verga <mattia.verga(a)protonmail.com> 2.1.0-1
- Upgrade to 2.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1803386 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1803386
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-e8f401c66d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: nordugrid-arc-6.5.0-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-48f8bba3d0
2020-02-29 22:31:35.495100
--------------------------------------------------------------------------------
Name : nordugrid-arc
Product : Fedora 31
Version : 6.5.0
Release : 1.fc31
URL : http://www.nordugrid.org/
Summary : Advanced Resource Connector Middleware
Description :
NorduGrid is a collaboration aiming at development, maintenance and
support of the middleware, known as the Advanced Resource
Connector (ARC).
The ARC middleware is a software solution that uses distributed
computing technologies to enable sharing and federation of computing
resources across different administrative and application domains.
ARC is used to create distributed infrastructures of various scope and
complexity, from campus to national and global deployments.
--------------------------------------------------------------------------------
Update Information:
NorduGrid ARC 6.5.0.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 18 2020 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.5.0-1
- Update to version 6.5.0
- Put the arcctl tool in a separate nordugrid-arc-arcctl package
- Add nordugrid-arc-community-rtes package (tech preview)
- Split the nordugrid-arc-plugins-globus package into several packages
- nordugrid-arc-plugins-globus-common
- nordugrid-arc-plugins-gridftp
- nordugrid-arc-plugins-lcas-lcmaps
- nordugrid-arc-plugins-gridftpjob
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sun Dec 1 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.4.1-1
- Update to version 6.4.1
* Mon Nov 18 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.4.0-1
- Update to version 6.4.0
* Thu Oct 17 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.3.0-1
- Update to version 6.3.0
- Build infosys-ldap package for Fedora 32+ and EPEL 8+ again
(bdii was ported to Python 3)
- Build gfal2 plugin for EPEL 8 (dependency now available)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-48f8bba3d0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: fop-2.4-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-9e2c693a16
2020-02-29 22:31:35.495087
--------------------------------------------------------------------------------
Name : fop
Product : Fedora 31
Version : 2.4
Release : 1.fc31
URL : https://xmlgraphics.apache.org/fop
Summary : XSL-driven print formatter
Description :
FOP is the world's first print formatter driven by XSL formatting
objects. It is a Java application that reads a formatting object tree
and then turns it into a PDF document. The formatting object tree, can
be in the form of an XML document (output by an XSLT engine like XT or
Xalan) or can be passed in memory as a DOM Document or (in the case of
XT) SAX events.
--------------------------------------------------------------------------------
Update Information:
Fop ver. 2.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 21 2020 Peter Lemenkov <lemenkov(a)gmail.com> - 2.4-1
- Ver. 2.4
- No nonger requires avalon framework
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1735216 - fop: FTBFS in Fedora rawhide/f31
https://bugzilla.redhat.com/show_bug.cgi?id=1735216
[ 2 ] Bug #1582494 - fop-2.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1582494
[ 3 ] Bug #1799365 - fop: FTBFS in Fedora rawhide/f32
https://bugzilla.redhat.com/show_bug.cgi?id=1799365
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-9e2c693a16' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: sdbus-cpp-0.8.1-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-1327bb78ab
2020-02-29 22:31:35.495073
--------------------------------------------------------------------------------
Name : sdbus-cpp
Product : Fedora 31
Version : 0.8.1
Release : 1.fc31
URL : https://github.com/Kistler-Group/sdbus-cpp
Summary : High-level C++ D-Bus library
Description :
High-level C++ D-Bus library for Linux designed to provide easy-to-use
yet powerful API in modern C++
--------------------------------------------------------------------------------
Update Information:
New package sdbus-cpp - high-level C++ D-Bus library for Linux designed to
provide easy-to-use yet powerful API in modern C++.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 7 2020 Marek Blaha <mblaha(a)redhat.com> - 0.8.1-1
- Update to release 0.8.1
* Fri Jan 24 2020 Marek Blaha <mblaha(a)redhat.com> - 0.7.8-1
- Initial release 0.7.8
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-1327bb78ab' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
Fedora 31 Update: rebase-helper-0.21.0-1.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-93bdf07207
2020-02-29 22:31:35.495060
--------------------------------------------------------------------------------
Name : rebase-helper
Product : Fedora 31
Version : 0.21.0
Release : 1.fc31
URL : https://github.com/rebase-helper/rebase-helper
Summary : The tool that helps you to rebase your package to the latest version
Description :
rebase-helper is a tool which helps package maintainers to rebase their
packages to latest upstream versions.
There are several steps that need to be done when rebasing a package.
The goal of rebase-helper is to automate most of these steps.
--------------------------------------------------------------------------------
Update Information:
**News in version 0.21.0:** - Added public API tests for `Tags` class - Added
support for *%patchlist* and *%sourcelist* - Added support for automatic
*Source*/*Patch* numbering - **commit-hash-updater** SPEC hook now handles empty
release name - *sources* is now ignored if it's not a regular file - Fixed
summary and report paths when using `--bugzila-id` or `--results-dir` - Fixed
and extended detection of ABI changes reported by **abipkgdiff** - Removed
deprecated encoding parameter in `json.load()` for Python 3.9 - Fixed processing
of remote patches - Fixed handling of intermediate macros in
`SpecFile.set_tag()` - All RPM macros are now reset when `SpecFile` object is
destroyed - Renamed docker directory to containers and Dockerfiles to
Containerfiles - Switched from Docker Hub to quay.io for automatic image
building - Improved and cleaned up `SpecFile` tests - **replace-old-version**
SPEC hook can now replace also extraversion
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 21 2020 Packit Service <user-cont-team+packit-service(a)redhat.com> - 0.21.0-1
- new upstream release: 0.21.0
* Wed Dec 11 2019 Nikola Forr�� <nforro(a)redhat.com> - 0.20.0-1
- new upstream release: 0.20.0
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-93bdf07207' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years
[SECURITY] Fedora 31 Update: rubygem-loofah-2.2.3-4.fc31
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-03c0964b6a
2020-02-29 22:31:35.495046
--------------------------------------------------------------------------------
Name : rubygem-loofah
Product : Fedora 31
Version : 2.2.3
Release : 4.fc31
URL : https://github.com/flavorjones/loofah
Summary : Manipulate and transform HTML/XML documents and fragments
Description :
Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments. It's built on top of Nokogiri and libxml2, so
it's fast and has a nice API.
Loofah excels at HTML sanitization (XSS prevention). It includes some
nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
most likely won't make your codes less secure.
--------------------------------------------------------------------------------
Update Information:
Fix XXS when a crafted SVG element is republished.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 21 2020 V��t Ondruch <vondruch(a)redhat.com> - 2.2.3-4
- Fix XXS when a crafted SVG element is republished.
Resolves: CVE-2019-15587
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1774081 - CVE-2019-15587 rubygem-loofah: XXS when a crafted SVG element is republished
https://bugzilla.redhat.com/show_bug.cgi?id=1774081
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-03c0964b6a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
4 years