package-announce May 2020

package-announce@lists.fedoraproject.org

1 participants
2584 discussions

Fedora 32 Update: gnome-flashback-3.36.3-5.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-20a15172e7 2020-05-31 03:28:10.749599 -------------------------------------------------------------------------------- Name : gnome-flashback Product : Fedora 32 Version : 3.36.3 Release : 5.fc32 URL : https://wiki.gnome.org/Projects/GnomeFlashback Summary : GNOME Flashback session Description : GNOME Flashback is a session for GNOME 3 which was initially called "GNOME Fallback", and shipped as a stand-alone session in Debian and Ubuntu. It provides a similar user experience to the GNOME 2.x series sessions. The differences to the MATE project is that GNOME Flashback uses GTK+ 3 and tries to follow the current GNOME development by integrating recent changes of the GNOME libraries. The development currently lags behind a little but a lot of progress has been made and most importantly many open bugs have been fixed. -------------------------------------------------------------------------------- Update Information: RH#1840146 -------------------------------------------------------------------------------- ChangeLog: * Fri May 29 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.36.3-5 - Rebuilt | https://pagure.io/koji/issue/2286 * Wed May 27 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.36.3-4 - Add weak dep: alacarte * Tue May 26 2020 Yaakov Selkowitz <yselkowi(a)redhat.com> - 3.36.3-3 - Add PAM file | Fix RH#1840146 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1840146 - GNOME Flashback Lock Screen does not fuction https://bugzilla.redhat.com/show_bug.cgi?id=1840146 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-20a15172e7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: crypto-policies-20200527-1.gitb234a47.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-feb2e50aa4 2020-05-31 03:28:10.749584 -------------------------------------------------------------------------------- Name : crypto-policies Product : Fedora 32 Version : 20200527 Release : 1.gitb234a47.fc32 URL : https://gitlab.com/redhat-crypto/fedora-crypto-policies Summary : System-wide crypto policies Description : This package provides pre-built configuration files with cryptographic policies for various cryptographic back-ends, such as SSL/TLS libraries. -------------------------------------------------------------------------------- Update Information: Refresh from upstream repository with many bug fixes, clean-ups and enhancements. -------------------------------------------------------------------------------- ChangeLog: * Wed May 27 2020 Tom�� Mr��z <tmraz(a)redhat.com> - 20200527-1.gitb234a47 - explicitly enable DHE-DSS in gnutls config if enabled in policy - use grubby with --update-kernel=ALL to avoid breaking kernelopts - OSPP subpolicy: Allow GCM for SSH protocol - openssh: Support newly standardized ECDHE-GSS and DHE-GSS key exchanges - if the policy in FIPS mode is not a FIPS policy print a message - openssl: Add SignatureAlgorithms support * Thu Mar 12 2020 Tom�� Mr��z <tmraz(a)redhat.com> - 20200312-1.git3ae59d2 - custom crypto policies: enable completely overriding contents of the list value - added ECDHE-ONLY.pmod policy module example - openssh: make LEGACY policy to prefer strong public key algorithms - openssh: support FIDO/U2F (with the exception of FIPS policy) - gnutls: add support for GOST ciphers - various python code cleanups - update-crypto-policies: dump the current policy to /etc/crypto-policies/state/CURRENT.pol -------------------------------------------------------------------------------- References: [ 1 ] Bug #1830285 - openssh-8.2 missing PubKeyAcceptedTypes for u2f in crypto-policies https://bugzilla.redhat.com/show_bug.cgi?id=1830285 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-feb2e50aa4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 32 Update: marked-1.1.0-3.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-d714c08261 2020-05-31 03:28:10.749569 -------------------------------------------------------------------------------- Name : marked Product : Fedora 32 Version : 1.1.0 Release : 3.fc32 URL : https://github.com/markedjs/marked Summary : A markdown parser for Node.js built for speed Description : Install this for command line tool and man page. marked is a full-featured markdown compiler that can parse huge chunks of markdown without having to worry about caching the compiled output or blocking for an unnecessarily long time. marked is extremely fast and frequently outperforms similar markdown parsers. marked is very concise and still implements all markdown features, as well as GitHub Flavored Markdown features. marked more or less passes the official markdown test suite in its entirety. This is important because a surprising number of markdown compilers cannot pass more than a few tests. -------------------------------------------------------------------------------- Update Information: New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation. -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2020 Stuart Gathman <stuart(a)gathman.org> - 1.1.0-3 - Move web assets to js-marked * Fri May 22 2020 Stuart Gathman <stuart(a)gathman.org> - 1.1.0-2 - Move module files to nodejs-marked - Fix shebang no longer autofixed in /usr/lib/node_modules * Fri May 22 2020 Stuart Gathman <stuart(a)gathman.org> - 1.1.0-1 - New upstream release - CVE-2015-8854 ReDos fixed in 0.3.9 - bz#1529736 bz#1529738 - XSS w/ mangling disabled fixed in 0.3.9 - bz#1702320 ReDos vuln - CVE removed, problem not in marked - CVE-2016-1000013 fixed in 0.7.0 - CVE-2017-17461 ReDos in dependency (still open) - CVE-2017-1000427 XSS via data URI fixed in 0.3.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1185162 - NodeJS marked: VBScript Content Injection [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1185162 [ 2 ] Bug #1186221 - marked-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1186221 [ 3 ] Bug #1328407 - CVE-2016-1000013 marked: sanitization bypass using HTML [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1328407 [ 4 ] Bug #1328408 - CVE-2016-1000013 marked: sanitization bypass using HTML [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1328408 [ 5 ] Bug #1329535 - CVE-2015-8854 marked: regular expression denial of service [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1329535 [ 6 ] Bug #1329537 - CVE-2015-8854 marked: regular expression denial of service [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1329537 [ 7 ] Bug #1417926 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1417926 [ 8 ] Bug #1417927 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1417927 [ 9 ] Bug #1417928 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1417928 [ 10 ] Bug #1529729 - marked: Cross-site Scripting (XSS) attacks via hexadecimal form of HTML [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529729 [ 11 ] Bug #1529730 - marked: Cross-site Scripting (XSS) attacks via hexadecimal form of HTML [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529730 [ 12 ] Bug #1529737 - marked: Cross-site Scripting (XSS) via autolink with mangling disabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529737 [ 13 ] Bug #1529738 - marked: Cross-site Scripting (XSS) via autolink with mangling disabled [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529738 [ 14 ] Bug #1550778 - marked: Regular expression denial of service in marked.js [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1550778 [ 15 ] Bug #1550779 - marked: Regular expression denial of service in marked.js [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1550779 [ 16 ] Bug #1702320 - marked: Regular expression denial of service in inline.text regex [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1702320 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-d714c08261' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-callr-3.4.3-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-66e1a178a7 2020-05-31 03:28:10.749553 -------------------------------------------------------------------------------- Name : R-callr Product : Fedora 32 Version : 3.4.3 Release : 1.fc32 URL : https://CRAN.R-project.org/package=callr Summary : Call R from R Description : It is sometimes useful to perform a computation in a separate R process, without affecting the current R process at all. This packages does exactly that. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 3.4.3-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1818450 - R-callr-3.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1818450 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-66e1a178a7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-ps-1.3.3-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-a653ed93de 2020-05-31 03:28:10.749538 -------------------------------------------------------------------------------- Name : R-ps Product : Fedora 32 Version : 1.3.3 Release : 1.fc32 URL : https://CRAN.R-project.org/package=ps Summary : List, Query, Manipulate System Processes Description : List, query and manipulate all system processes, on 'Windows', 'Linux' and 'macOS'. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.3.3-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1833298 - R-ps-1.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1833298 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-a653ed93de' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-purrr-0.3.4-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-16b44b5854 2020-05-31 03:28:10.749523 -------------------------------------------------------------------------------- Name : R-purrr Product : Fedora 32 Version : 0.3.4 Release : 1.fc32 URL : https://CRAN.R-project.org/package=purrr Summary : Functional Programming Tools Description : A complete and consistent functional programming toolkit for R. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.3.4-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1825309 - R-purrr-0.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1825309 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-16b44b5854' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-rematch2-2.1.2-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-1e9ba1e62c 2020-05-31 03:28:10.749508 -------------------------------------------------------------------------------- Name : R-rematch2 Product : Fedora 32 Version : 2.1.2 Release : 1.fc32 URL : https://CRAN.R-project.org/package=rematch2 Summary : Tidy Output from Regular Expression Matching Description : Wrappers on 'regexpr' and 'gregexpr' to return the match results in tidy data frames. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2.1.2-1 - Update to latest version * Fri Apr 10 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 2.1.1-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1818484 - R-rematch2-2.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1818484 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1e9ba1e62c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-pkgbuild-1.0.8-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-e66cef79c6 2020-05-31 03:28:10.749492 -------------------------------------------------------------------------------- Name : R-pkgbuild Product : Fedora 32 Version : 1.0.8 Release : 1.fc32 URL : https://CRAN.R-project.org/package=pkgbuild Summary : Find Tools Needed to Build R Packages Description : Provides functions used to build R packages. Locates compilers needed to build R packages on various platforms and ensures the PATH is configured appropriately so R can use them. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.8-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1827928 - R-pkgbuild-1.0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1827928 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-e66cef79c6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: swift-lang-5.2.4-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-df2f90c91f 2020-05-31 03:28:10.749477 -------------------------------------------------------------------------------- Name : swift-lang Product : Fedora 32 Version : 5.2.4 Release : 1.fc32 URL : https://swift.org Summary : Apple's Swift programming language Description : Swift is a general-purpose programming language built using a modern approach to safety, performance, and software design patterns. The goal of the Swift project is to create the best available language for uses ranging from systems programming, to mobile and desktop apps, scaling up to cloud services. Most importantly, Swift is designed to make writing and maintaining correct programs easier for the developer. -------------------------------------------------------------------------------- Update Information: Updated to swift-5.2.4-RELEASE -------------------------------------------------------------------------------- ChangeLog: * Wed May 20 2020 Ron Olson <tachoknight(a)gmail.com> 5.2.4-1 - Updated to swift-5.2.4-RELEASE -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-df2f90c91f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 32 Update: R-unitizer-1.4.10-1.fc32
by updates＠fedoraproject.org 31 May '20

31 May '20

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-a8e6ed3097 2020-05-31 03:28:10.749461 -------------------------------------------------------------------------------- Name : R-unitizer Product : Fedora 32 Version : 1.4.10 Release : 1.fc32 URL : https://CRAN.R-project.org/package=unitizer Summary : Interactive R Unit Tests Description : Simplifies regression tests by comparing objects produced by test code with earlier versions of those same objects. If objects are unchanged the tests pass, otherwise execution stops with error details. If in interactive mode, tests can be reviewed through the provided interactive environment. -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: * Thu May 21 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.4.10-1 - Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1834971 - R-unitizer-1.4.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1834971 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-a8e6ed3097' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

← Newer
1
2
3
4
5
6
7
8
9
...
259
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce May 2020