The following Fedora 35 Security updates need testing: Age URL 294 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11 mysql-connector-java-8.0.28-1.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cb7084ae1c moodle-3.11.11-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d50ded078e woff-0.20091126-33.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a0a27f63ce freerdp-2.9.0-1.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-b9b710f199 ruby-3.0.5-155.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-458378be7a sfnt2woff-zopfli-1.3.1-3.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-49b20342c0 nextcloud-25.0.1-1.fc35
The following Fedora 35 Critical Path updates have yet to be approved: Age URL 113 https://bodhi.fedoraproject.org/updates/FEDORA-2022-bca7996d14 annobin-10.81-1.fc35 77 https://bodhi.fedoraproject.org/updates/FEDORA-2022-97f6c4fd2a libblockdev-2.28-2.fc35 20 https://bodhi.fedoraproject.org/updates/FEDORA-2022-43fa48ce4e python-rpmautospec-0.3.1-1.fc35 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7184211fc4 koji-1.31.0-1.fc35 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-1b29661d86 vim-9.0.915-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-32e69d01a9 libbsd-0.11.7-1.fc35 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-9fde12c816 gcc-11.3.1-4.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ae162c4397 libxcrypt-4.4.33-3.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a644404329 appstream-data-35-9.fc35 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6299256f20 langtable-0.0.61-2.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6a61088a67 mutter-41.9-2.fc35 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a0a27f63ce freerdp-2.9.0-1.fc35 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-689d8fe8db libbluray-1.3.4-1.fc35
The following builds have been pushed to Fedora 35 updates-testing
bcel-6.4.1-10.fc35 fedora-release-35-40 hwdata-0.365-1.fc35 mrack-1.12.2-1.fc35 nicotine+-3.2.7-1.fc35 packit-0.64.0-1.fc35 python-google-auth-2.15.0-1.fc35 python-trimesh-3.17.0-2.fc35 testcloud-0.8.2-1.fc35 thunderbird-102.5.1-1.fc35 tzdata-2022g-1.fc35 wlr-randr-0.2.0-1.fc35
Details about builds:
================================================================================ bcel-6.4.1-10.fc35 (FEDORA-2022-f60a52e054) Byte Code Engineering Library -------------------------------------------------------------------------------- Update Information:
Security fix: CVE-2022-42920 bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 1 2022 Mikolaj Izdebski mizdebsk@redhat.com - 6.4.1-10 - Fix arbitrary bytecode produced via out-of-bounds writing - Resolves: CVE-2022-42920 * Sat Feb 5 2022 Jiri Vanek jvanek@redhat.com - 6.4.1-9 - Rebuilt for java-17-openjdk as system jdk * Wed Jan 19 2022 Fedora Release Engineering releng@fedoraproject.org - 6.4.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2142727 - CVE-2022-42920 bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing [fedora-35] https://bugzilla.redhat.com/show_bug.cgi?id=2142727 --------------------------------------------------------------------------------
================================================================================ fedora-release-35-40 (FEDORA-2022-01f4c53e2c) Fedora release files -------------------------------------------------------------------------------- Update Information:
Add (projected) EOL date -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 21 2022 Ben Cotton bcotton@fedoraproject.org 35-40 - Add F35 EOL date -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2105402 - [RFE] start using os-release SUPPORT_END=YYYY-MM-DD https://bugzilla.redhat.com/show_bug.cgi?id=2105402 --------------------------------------------------------------------------------
================================================================================ hwdata-0.365-1.fc35 (FEDORA-2022-69dba93072) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information:
Update pci and vendor ids -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Vitezslav Crhonek vcrhonek@redhat.com - 0.365-1 - Update pci and vendor ids --------------------------------------------------------------------------------
================================================================================ mrack-1.12.2-1.fc35 (FEDORA-2022-d8d8d556a6) Multicloud use-case based multihost async provisioner -------------------------------------------------------------------------------- Update Information:
Automatic update for mrack-1.12.2-1.fc35. ##### **Changelog for mrack** ``` * Fri Dec 02 2022 Packit hello@packit.dev - 1.12.2-1 - chore: Release version 1.12.2 (github-actions) - chore: Use python 3.10 in GH actions (Tibor Dudl��k) - refactor: pylint fixes related to Python 3.10 (Tibor Dudl��k) - test: Fix test_utils.py to be included in pytest run (Tibor Dudl��k) - chore(pytest): add missing python_path when using pytest >=7.0.0 (Tibor Dudl��k) - test: Add test for value_to_bool util function (Tibor Dudl��k) - fix: Owner requirement boolean parsing from string (Tibor Dudl��k) - chore(Packit): Add upstream_tag_template to .packit.yaml (Tibor Dudl��k) ``` -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Packit hello@packit.dev - 1.12.2-1 - chore: Release version 1.12.2 (github-actions) - chore: Use python 3.10 in GH actions (Tibor Dudl��k) - refactor: pylint fixes related to Python 3.10 (Tibor Dudl��k) - test: Fix test_utils.py to be included in pytest run (Tibor Dudl��k) - chore(pytest): add missing python_path when using pytest >=7.0.0 (Tibor Dudl��k) - test: Add test for value_to_bool util function (Tibor Dudl��k) - fix: Owner requirement boolean parsing from string (Tibor Dudl��k) - chore(Packit): Add upstream_tag_template to .packit.yaml (Tibor Dudl��k) --------------------------------------------------------------------------------
================================================================================ nicotine+-3.2.7-1.fc35 (FEDORA-2022-6a0db774d7) A graphical client for Soulseek -------------------------------------------------------------------------------- Update Information:
## Version 3.2.7 (December 1, 2022) ### Corrections * Fixed a crash when selecting a user picture * Fixed a crash when removing private chat logs * Fixed an issue where the main window could become unresponsive when showing it from the tray icon * Minor fixes related to UPnP compatibility with certain routers * Reduce the number of connection timeouts when searching for popular files ### Issues closed on GitHub * Notification string too long (ValueError crash) on Windows ([#2233](https://github.com/nicotine- plus/nicotine-plus/issues/2233)) * Private chat, Delete chat log... >> Value: 'PrivateChats' object has no attribute 'history' ([#2247](https://github.com/nicotine-plus/nicotine-plus/issues/2247)) -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 1 2022 Mohamed El Morabity melmorabity@fedoraproject.org - 3.2.7-1 - Update to 3.2.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2149830 - nicotine+-3.2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2149830 --------------------------------------------------------------------------------
================================================================================ packit-0.64.0-1.fc35 (FEDORA-2022-2b0916ce2f) A tool for integrating upstream projects with Fedora operating system -------------------------------------------------------------------------------- Update Information:
Automatic update for packit-0.64.0-1.fc35. ##### **Changelog for packit** ``` * Fri Dec 02 2022 Packit hello@packit.dev - 0.64.0-1 - `packit propose- downstream` now uploads all remote sources (those specified as URLs) and the source specified by `spec_source_id` (whether remote or not) to lookaside. Previously, only Source0 was uploaded. Source0 is no longer treated specially, but as `spec_source_id` is `Source0` by default, Source0 is still being uploaded by default unless `spec_source_id` is overriden. (#1778) ``` -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Packit hello@packit.dev - 0.64.0-1 - `packit propose-downstream` now uploads all remote sources (those specified as URLs) and the source specified by `spec_source_id` (whether remote or not) to lookaside. Previously, only Source0 was uploaded. Source0 is no longer treated specially, but as `spec_source_id` is `Source0` by default, Source0 is still being uploaded by default unless `spec_source_id` is overriden. (#1778) --------------------------------------------------------------------------------
================================================================================ python-google-auth-2.15.0-1.fc35 (FEDORA-2022-7e8bfd1962) Google Auth Python Library -------------------------------------------------------------------------------- Update Information:
Update python-google-auth to 2.15.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Jason Montleon jmontleo@redhat.com - 1:2.15.0-1 - Update to 2.15.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2141138 - python-google-auth-2.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2141138 --------------------------------------------------------------------------------
================================================================================ python-trimesh-3.17.0-2.fc35 (FEDORA-2022-7c5059a30a) Import, export, process, analyze and view triangular meshes -------------------------------------------------------------------------------- Update Information:
Update to 3.17.0 (close RHBZ#2150113) -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Benjamin A. Beasley code@musicinmybrain.net 3.17.0-2 - Skip a new 32-bit test failure * Fri Dec 2 2022 Benjamin A. Beasley code@musicinmybrain.net 3.17.0-1 - Update to 3.17.0 (close RHBZ#2150113) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2150113 - python-trimesh-3.17.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2150113 --------------------------------------------------------------------------------
================================================================================ testcloud-0.8.2-1.fc35 (FEDORA-2022-d0e0ded1b1) Tool for running cloud images locally -------------------------------------------------------------------------------- Update Information:
- CentOS Stream {8,9}: bump image version - Leave boot drive address guessing to libvirt - Workaround libvirt/qemu PCI auto-assign issue -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Frantisek Zatloukal fzatlouk@redhat.com - 0.8.2-1 - CentOS Stream {8,9}: bump image version - Leave boot drive address guessing to libvirt - Workaround libvirt/qemu PCI auto-assign issue * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ thunderbird-102.5.1-1.fc35 (FEDORA-2022-9cdf7bdeb3) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information:
Update to 102.5.1 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-50/ ; https://www.thunderbird.net/en- US/thunderbird/102.5.1/releasenotes/ -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 1 2022 Eike Rathke erack@redhat.com - 102.5.1-1 - Update to 102.5.1 --------------------------------------------------------------------------------
================================================================================ tzdata-2022g-1.fc35 (FEDORA-2022-7e70abbf84) Timezone data -------------------------------------------------------------------------------- Update Information:
Resolves: #2149397 Rebase to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Patsy Griffin patsy@redhat.com - 2022g-1 - Rebase to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2149397 - tzdata-2022g is available https://bugzilla.redhat.com/show_bug.cgi?id=2149397 --------------------------------------------------------------------------------
================================================================================ wlr-randr-0.2.0-1.fc35 (FEDORA-2022-8c5ea08ea4) An xrandr clone for wlroots compositors -------------------------------------------------------------------------------- Update Information:
- Update to 0.2.0 - Convert License tag to SPDX - Update upstream URL - Verify source signature -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 2 2022 Aleksei Bavshin alebastr@fedoraproject.org - 0.2.0-1 - Update to 0.2.0 - Convert License tag to SPDX - Update upstream URL - Verify source signature * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0-9.20200408git5ff601a - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Sat Jan 22 2022 Fedora Release Engineering releng@fedoraproject.org - 0-8.20200408git5ff601a - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------