The following Fedora 35 Security updates need testing: Age URL 269 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-39688a779d curl-7.79.1-7.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ebbac924d3 exim-4.96-5.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ad73a633f dotnet6.0-6.0.110-2.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-99af00f60e xen-4.15.3-7.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fcf5dbb447 libxml2-2.10.3-2.fc35 xmlsec1-1.2.29-5.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-76b3530ac2 php-pear-CAS-1.6.0-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ae2559a8f4 mingw-pixman-0.42.2-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c43235716e mingw-expat-2.5.0-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-061f857481 mingw-libtasn1-4.19.0-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3d354ef0fb vim-9.0.828-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ac4104a02 systemd-249.13-6.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7726761c4 webkit2gtk3-2.38.2-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7f14b7d45e android-tools-33.0.3p1-2.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-de515f765f nodejs-16.18.1-1.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2dc2d8cb7c samba-4.15.11-0.fc35
The following Fedora 35 Critical Path updates have yet to be approved: Age URL 88 https://bodhi.fedoraproject.org/updates/FEDORA-2022-bca7996d14 annobin-10.81-1.fc35 52 https://bodhi.fedoraproject.org/updates/FEDORA-2022-97f6c4fd2a libblockdev-2.28-2.fc35 23 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7c5789009a python3-docs-3.10.8-1.fc35 python3.10-3.10.8-1.fc35 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8cc2a55191 libidn2-2.3.4-1.fc35 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-39688a779d curl-7.79.1-7.fc35 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a044f89f66 koji-1.30.1-2.fc35 10 https://bodhi.fedoraproject.org/updates/FEDORA-2022-569e7560ec python-rpm-macros-3.10-13.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-0535a53522 cmake-3.24.2-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-80b7db48db rust-packaging-23-1.fc35 rust-srpm-macros-23-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8b2695fc0e hwdata-0.364-1.fc35 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-596a8be8cf expat-2.5.0-1.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-99af00f60e xen-4.15.3-7.fc35 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3c76b13e24 libxcrypt-4.4.30-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-1eb121f472 thunderbird-102.4.1-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fcf5dbb447 libxml2-2.10.3-2.fc35 xmlsec1-1.2.29-5.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7726761c4 webkit2gtk3-2.38.2-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8ac4104a02 systemd-249.13-6.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3d354ef0fb vim-9.0.828-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-26c41f14c8 gnutls-3.7.8-3.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-0b5c497fe0 kernel-6.0.7-100.fc35 0 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2dc2d8cb7c samba-4.15.11-0.fc35
The following builds have been pushed to Fedora 35 updates-testing
AusweisApp2-1.24.4-1.fc35 aerc-0.13.0-1.fc35 arts-1.5.10-54.fc35 baresip-2.9.0-3.fc35 cinfo-0.5.1-1.fc35 golang-github-charmbracelet-bubbles-0.14.0-1.fc35 golang-sr-rockorager-tcell-term-0.3.0-1.fc35 linux-system-roles-1.22.0-2.fc35 retsnoop-0.9.3-2.fc35 scummvm-2.6.1-1.fc35 vorta-0.8.9-1.fc35 xq-1.0.0-1.fc35
Details about builds:
================================================================================ AusweisApp2-1.24.4-1.fc35 (FEDORA-2022-51af310580) Online identification with German ID card (Personalausweis) -------------------------------------------------------------------------------- Update Information:
- New upstream release. -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 6 2022 Bj��rn Esser besser82@fedoraproject.org - 1.24.4-1 - New upstream release --------------------------------------------------------------------------------
================================================================================ aerc-0.13.0-1.fc35 (FEDORA-2022-a05c2452ed) Email client for your terminal -------------------------------------------------------------------------------- Update Information:
## aerc - Update to 0.13.0. Fixes rhbz#2136668. ## golang-sr-rockorager-tcell- term - Initial package (rhbz#2139489). -------------------------------------------------------------------------------- ChangeLog:
* Wed Nov 2 2022 Maxwell G gotmax@e.email 0.13.0-1 - Update to 0.13.0. Fixes rhbz#2136668. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2136668 - aerc-0.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2136668 [ 2 ] Bug #2139489 - Review Request: golang-sr-rockorager-tcell-term - An embeddable terminal widget for tcell https://bugzilla.redhat.com/show_bug.cgi?id=2139489 --------------------------------------------------------------------------------
================================================================================ arts-1.5.10-54.fc35 (FEDORA-2022-117fc747b1) aRts (analog realtime synthesizer) - the KDE sound system -------------------------------------------------------------------------------- Update Information:
This update makes aRts work (successfully produce sound) again instead of crashing on startup. The crash was due to a miscompilation by LTO (link-time optimization), where the wrong symbol version of ALSA symbols was used, leading to an ABI mismatch between the caller (in aRts) and the callee (in ALSA). This update disables LTO at build time, leading to working aRts binaries. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 8 2022 Kevin Kofler Kevin@tigcc.ticalc.org - 8:1.5.10-54 - Disable LTO because it breaks ALSA versioned symbol use, crashing (#1910437) * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 8:1.5.10-53 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jan 24 2022 Timm B��der tbaeder@redhat.com - 8:1.5.10-52 - Opt out of .la file removal - https://fedoraproject.org/wiki/Changes/RemoveLaFiles * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 8:1.5.10-51 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Aug 31 2021 Than Ngo than@redhat.com - 8:1.5.10-50 - Fixed bz#1999495, FTBFS against autoconf-2.7x -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1910437 - [abrt] arts: snd1_pcm_hw_param_set_near(): artsd killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1910437 --------------------------------------------------------------------------------
================================================================================ baresip-2.9.0-3.fc35 (FEDORA-2022-cbe4c5f485) Modular SIP user-agent with audio and video support -------------------------------------------------------------------------------- Update Information:
- Added upstream patch to fix GTK+ dial segfault regression -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 8 2022 Robert Scheck robert@fedoraproject.org 2.9.0-3 - Added upstream patch to fix GTK+ dial segfault regression * Mon Nov 7 2022 Richard Shaw hobbes1069@gmail.com - 2.9.0-2 - Rebuild for updated codec2. --------------------------------------------------------------------------------
================================================================================ cinfo-0.5.1-1.fc35 (FEDORA-2022-b899ada00e) Fast and minimal system information tool -------------------------------------------------------------------------------- Update Information:
update to 0.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Jonathan Wright jonathan@almalinux.org 0.5.1-1 - update to 0.5.1 rhbz#2140024 --------------------------------------------------------------------------------
================================================================================ golang-github-charmbracelet-bubbles-0.14.0-1.fc35 (FEDORA-2022-c3e6f2205f) TUI components for Bubble Tea -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0.14.0-1 - Initial package - Closes rhbz#2131497 --------------------------------------------------------------------------------
================================================================================ golang-sr-rockorager-tcell-term-0.3.0-1.fc35 (FEDORA-2022-a05c2452ed) An embeddable terminal widget for tcell -------------------------------------------------------------------------------- Update Information:
## aerc - Update to 0.13.0. Fixes rhbz#2136668. ## golang-sr-rockorager-tcell- term - Initial package (rhbz#2139489). -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 4 2022 Maxwell G gotmax@e.email - 0.3.0-1 - Initial package (rhbz#2139489). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2136668 - aerc-0.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2136668 [ 2 ] Bug #2139489 - Review Request: golang-sr-rockorager-tcell-term - An embeddable terminal widget for tcell https://bugzilla.redhat.com/show_bug.cgi?id=2139489 --------------------------------------------------------------------------------
================================================================================ linux-system-roles-1.22.0-2.fc35 (FEDORA-2022-82f2513aa1) Set of interfaces for unified system management -------------------------------------------------------------------------------- Update Information:
add back docs/CHANGELOG.md ---- new roles - ad_integration, podman; use certificate, firewall, selinux roles from other roles -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 3 2022 Rich Megginson rmeggins@redhat.com - 1.22.0-1 - ad_integration - new role - cockpit - use the firewall, selinux, certificate roles - ha_cluster - use the firewall, selinux, certificate roles - ha_cluster - fix decoding Vault variables - ha_cluster - support configuring qnetd, qdevice - ha_cluster - fix sbd config file template - logging - use the firewall, selinux, certificate roles - metrics - use the firewall, selinux roles - metrics - support Grafana v9 - nbde_client - Add default clevis luks askpass unit - nbde_client - correct clevis askpass unit conditional - nbde_client - use no_log: true where secrets might be revealed - nbde_server - add support for custom ports - nbde_server - use the firewall, selinux roles - network - Support looking up named route table in routing rule - network - bond: improve the validation for setting peer_notif_delay - network - bond: test arp_all_targets only when arp_interval is enabled - network - bond: attach ports when creating the bonding connection - network - Support 'route_metric4' for initscripts provider - network - use rpm -i instead of yum install for epel7 - network - Support the DNS priority - podman - new role - postfix - use the firewall, selinux roles - selinux - add 'local' parameter to seport - ssh - add RSAMinSize, RequiredRSASize - ssh - cast Jinja variables to correct type - sshd - add RSAMinSize, RequiredRSASize - sshd - Adding support for OpenWrt 21.03 - sshd - Moves internal non-overridable variables out of defaults - sshd - cast Jinja variables to correct type - storage - Fixed calculation of relative thinp sizes - storage - Fixed size and percentage handling for thin pools - timesync - cast Jinja variables to correct type - timesync - Update timestamping checks using ethtool - vpn - Check for /usr/bin/openssl on controller - do not use package_facts - vpn - Add support for the parameters shared_key_content, leftid, rightid, ike, esp, type, ikelifetime, salifetime, retransmit_timeout, dpddelay, dpdtimeout, dpdaction, leftupdown - vpn - use the firewall, selinux roles * Wed Nov 2 2022 Sergei Petrosian spetrosi@redhat.com - 1.21.1-5 - Simplify spec file and remove unused code - Remove unused and redundant macros - Replace ansible_collection_build_install with separate _build _install It is required to build in the %build stage and install in the %install for proper RPM build process - 's|$RPM_BUILD_ROOT|%{buildroot}|g' for consistency - Set BuildRequires: ansible-packaging on Fedora - Define BuildRequires and bcond_with_ansible separately for clarity - Remove %_sourcedir for best practicies https://fedoraproject.org/wiki/Packaging:RPM_Source_Dir - Resolve rpmlint issues mixed-use-of-spaces-and-tabs macro-in-comment - Replace installbase with ansible_roles_dir - Create symlinks for upstream naming on RHEL - Define ansible_roles_dir the same way as ansible_collection_files - Remove workaround for EPEL because we can build coll artifact from RHEL9 - Define helper macros on RHEL only - Fedora must fail if macros provided by ansible-packager are not available - Define whole %{_pkglicensedir} and %{_pkgdocdir} dirs in %files - Refactor generating files section - Do not conditionalize sources, get vendored collections from galaxy - Replace files copies in _pkgdocdir and _pkglicensedir with symlinks - Remove old Obsoletes entry from 2018 The -techpreview package got only into RHEL 7 Extras briefly. The change happened in RHEL 8 before GA, so there is no risk of anybody having the -techpreview subpackage in RHEL 8. - Define python3-ruamel-yaml requirement in one line - Add bundled Provides - Fix processing %license in format_item_for_files on EL7 Resolves: rhbz#2126902 * Tue Nov 1 2022 Sergei Petrosian spetrosi@redhat.com - 1.21.1-4 - Update community.general * Thu Sep 15 2022 Sergei Petrosian spetrosi@redhat.com - 1.21.1-3 - Update community.general * Thu Sep 1 2022 Sergei Petrosian spetrosi@redhat.com - 1.21.1-2 - Update community.general --------------------------------------------------------------------------------
================================================================================ retsnoop-0.9.3-2.fc35 (FEDORA-2022-caad883403) A tool for investigating kernel error call stacks -------------------------------------------------------------------------------- Update Information:
`retsnoop` now supports DWARF-based symbolization (i.e., source code file/line info and inline functions); works on KASLR-enabled Linux kernels. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 8 2022 Michel Alexandre Salim salimma@fedoraproject.org 0.9.3-1 - Update to 0.9.3; this adds KASLR support Document installing `kernel- debuginfo` for better tracing --------------------------------------------------------------------------------
================================================================================ scummvm-2.6.1-1.fc35 (FEDORA-2022-e5bbfb989a) Interpreter for several adventure games -------------------------------------------------------------------------------- Update Information:
Update to bugfix release 2.6.1 * many bug fixes and minor enhancements * upstream release notes: https://downloads.scummvm.org/frs/scummvm/2.6.1/ReleaseNotes.html -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 6 2022 Christian Krause chkr@fedoraproject.org - 2.6.1-1 - Update to 2.6.1 (#2135801) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2135801 - scummvm-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2135801 --------------------------------------------------------------------------------
================================================================================ vorta-0.8.9-1.fc35 (FEDORA-2022-a6d46f8e13) A GUI for Borg Backup -------------------------------------------------------------------------------- Update Information:
update to 0.8.9 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Jonathan Wright jonathan@almalinux.org - 0.8.9-1 - Update to 0.8.9 rhbz#2140355 --------------------------------------------------------------------------------
================================================================================ xq-1.0.0-1.fc35 (FEDORA-2022-ae1806efc9) Command-line XML and HTML beautifier and content extractor -------------------------------------------------------------------------------- Update Information:
Update to 1.0.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 1.0.0-1 - Update to 1.0.0 * Mon Aug 29 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0.0.8-2 - Use correct package name * Mon Aug 29 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0.0.8-1 - Update to 0.0.8 - Closes rhbz#2122039 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.0.7-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 19 2022 Maxwell G gotmax@e.email 0.0.7-5 - Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org