The following Fedora 36 Security updates need testing: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d protobuf-3.19.6-1.fc36 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6d2b6ad1a6 golang-1.18.9-1.fc36 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3f40d00dd9 xorg-x11-server-Xwayland-22.1.7-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-db674bafd9 containerd-1.6.14-2.fc36 golang-github-containerd-cgroups-1.0.4-3.fc36 moby-engine-20.10.21-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-489ea47e69 trafficserver-9.1.4-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ef4f57b072 systemd-250.9-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-bcf089dd07 python3.6-3.6.15-15.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e63bc3eca2 OpenImageIO-2.3.21.0-1.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-71121c44a4 webkit2gtk3-2.38.3-1.fc36 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce04ff8b49 w3m-0.5.3-58.git20220429.fc36
The following Fedora 36 Critical Path updates have yet to be approved: Age URL 44 https://bodhi.fedoraproject.org/updates/FEDORA-2022-beaae40a8f python-rpmautospec-0.3.1-1.fc36 42 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ca291a78cf glibc-2.35-21.fc36 19 https://bodhi.fedoraproject.org/updates/FEDORA-2022-df7e4caec9 gnome-shell-42.7-1.fc36 mutter-42.7-1.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-94f19142ab gnome-bluetooth-42.5-1.fc36 13 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ef64b1b39e libxcrypt-4.4.33-4.fc36 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-15729fa33d protobuf-3.19.6-1.fc36 12 https://bodhi.fedoraproject.org/updates/FEDORA-2022-55ba74effb breeze-icon-theme-5.101.0-1.fc36 extra-cmake-modules-5.101.0-1.fc36 kf5-5.101.0-1.fc36 kf5-attica-5.101.0-1.fc36 kf5-baloo-5.101.0-1.fc36 kf5-bluez-qt-5.101.0-1.fc36 kf5-frameworkintegration-5.101.0-1.fc36 kf5-kactivities-5.101.0-1.fc36 kf5-kactivities-stats-5.101.0-1.fc36 kf5-kapidox-5.101.0-1.fc36 kf5-karchive-5.101.0-1.fc36 kf5-kauth-5.101.0-1.fc36 kf5-kbookmarks-5.101.0-1.fc36 kf5-kcalendarcore-5.101.0-1.fc36 kf5-kcmutils-5.101.0-1.fc36 kf5-kcodecs-5.101.0-1.fc36 kf5-kcompletion-5.101.0-1.fc36 kf5-kconfig-5.101.0-1.fc36 kf5-kconfigwidgets-5.101.0-2.fc36 kf5-kcontacts-5.101.0-1.fc36 kf5-kcoreaddons-5.101.0-1.fc36 kf5-kcrash-5.101.0-1.fc36 kf5-kdav-5.101.0-1.fc36 kf5-kdbusaddons-5.101.0-1.fc36 kf5-kdeclarative-5.101.0-1.fc36 kf5-kded-5.101.0-1.fc36 kf5-kdelibs4support-5.101.0-1.fc36 kf5-kdesignerplugin-5.101.0-1.fc36 kf5-kdesu-5.101.0-1.fc36 kf5-kdewebkit-5.101.0-1.fc36 kf5-kdnssd-5.101.0-1.fc36 kf5-kdoctools-5. 101.0-1.fc36 kf5-kemoticons-5.101.0-1.fc36 kf5-kfilemetadata-5.101.0-1.fc36 kf5-kglobalaccel-5.101.0-1.fc36 kf5-kguiaddons-5.101.0-1.fc36 kf5-kholidays-5.101.0-1.fc36 kf5-khtml-5.101.0-1.fc36 kf5-ki18n-5.101.0-1.fc36 kf5-kiconthemes-5.101.0-1.fc36 kf5-kidletime-5.101.0-1.fc36 kf5-kimageformats-5.101.0-1.fc36 kf5-kinit-5.101.0-1.fc36 kf5-kio-5.101.0-1.fc36 kf5-kirigami2-5.101.0-1.fc36 kf5-kitemmodels-5.101.0-1.fc36 kf5-kitemviews-5.101.0-1.fc36 kf5-kjobwidgets-5.101.0-1.fc36 kf5-kjs-5.101.0-1.fc36 kf5-kjsembed-5.101.0-1.fc36 kf5-kmediaplayer-5.101.0-1.fc36 kf5-knewstuff-5.101.0-1.fc36 kf5-knotifications-5.101.0-1.fc36 kf5-knotifyconfig-5.101.0-1.fc36 kf5-kpackage-5.101.0-1.fc36 kf5-kparts-5.101.0-1.fc36 kf5-kpeople-5.101.0-1.fc36 kf5-kplotting-5.101.0-1.fc36 kf5-kpty-5.101.0-1.fc36 kf5-kquickcharts-5.101.0-1.fc36 kf5-kross-5.101.0-1.fc36 kf5-krunner-5.101.0-1.fc36 kf5-kservice-5.101.0-1.fc36 kf5-ktexteditor-5.101.0-1.fc36 kf5-ktextwidgets-5.101.0-1.fc36 kf5-kunitconversion-5.101.0-1. fc36 kf5-kwallet-5.101.0-1.fc36 kf5-kwayland-5.101.0-1.fc36 kf5-kwidgetsaddons-5.101.0-1.fc36 kf5-kwindowsystem-5.101.0-1.fc36 kf5-kxmlgui-5.101.0-1.fc36 kf5-kxmlrpcclient-5.101.0-1.fc36 kf5-modemmanager-qt-5.101.0-1.fc36 kf5-networkmanager-qt-5.101.0-1.fc36 kf5-plasma-5.101.0-1.fc36 kf5-prison-5.101.0-1.fc36 kf5-purpose-5.101.0-1.fc36 kf5-solid-5.101.0-1.fc36 kf5-sonnet-5.101.0-1.fc36 kf5-syndication-5.101.0-1.fc36 kf5-syntax-highlighting-5.101.0-1.fc36 kf5-threadweaver-5.101.0-1.fc36 oxygen-icon-theme-5.101.0-1.fc36 qqc2-desktop-style-5.101.0-1.fc36 9 https://bodhi.fedoraproject.org/updates/FEDORA-2022-4848fe117b git-2.39.0-1.fc36 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-cbee720c8f xen-4.16.3-1.fc36 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3f40d00dd9 xorg-x11-server-Xwayland-22.1.7-1.fc36 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-fabaf54050 gdb-12.1-3.fc36 7 https://bodhi.fedoraproject.org/updates/FEDORA-2022-19e019f39c tpm2-tss-3.2.1-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-290f715c04 grub2-2.06-59.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3cff953f4b edk2-20221117gitfff6d81270b5-8.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-a31f25c6a1 samba-4.16.8-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ef4f57b072 systemd-250.9-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-9b30518993 linux-firmware-20221214-145.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d30f218d5 ethtool-6.1-1.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-71121c44a4 webkit2gtk3-2.38.3-1.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-b6c29072a3 thunderbird-102.6.0-2.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7408b527a libksba-1.6.3-1.fc36 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e538a8b8e7 btrfs-progs-6.1-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a77cf04a0 libretls-3.7.0-1.fc36 netcat-1.219-2.fc36 rpki-client-8.2-3.fc36
The following builds have been pushed to Fedora 36 updates-testing
archlinux-keyring-20221220-1.fc36 binwalk-2.3.3-1.fc36 borgbackup-1.2.3-1.fc36 ddgr-2.1-1.fc36 ghc9.4-9.4.4-15.fc36 jitterentropy-3.4.1-3.fc36 kvantum-1.0.7-1.fc36 lastpass-cli-1.3.4-1.fc36 libspng-0.7.3-1.fc36 mozilla-ublock-origin-1.46.0-1.fc36 nnn-4.7-1.fc36 papirus-icon-theme-20221201-1.fc36 pdd-1.7-1.fc36 perl-Finance-Quote-1.5400-1.fc36 python-limits-2.8.0-1.fc36 python-whois-0.9.19-1.fc36 rng-tools-6.15-5.fc36 swaylock-1.7-1.fc36 zita-alsa-pcmi-0.5.1-1.fc36
Details about builds:
================================================================================ archlinux-keyring-20221220-1.fc36 (FEDORA-2022-67a8507b34) GPG keys used by Arch distribution to sign packages -------------------------------------------------------------------------------- Update Information:
Version 20221220 (#2154797) -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Frantisek Sumsal frantisek@sumsal.cz 20221220-1 - Version 20221220 (#2154797) --------------------------------------------------------------------------------
================================================================================ binwalk-2.3.3-1.fc36 (FEDORA-2022-3727f00e4b) Firmware analysis tool -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2021-4287 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Scott Talbert swt@techie.net - 2.3.3-1 - Update to new upstream release 2.3.3 (#2003337 #2156566) * Wed Jul 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.3.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint python-maint@redhat.com - 2.3.2-3 - Rebuilt for Python 3.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156565 - CVE-2021-4287 binwalk: symlink directory traversal vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=2156565 --------------------------------------------------------------------------------
================================================================================ borgbackup-1.2.3-1.fc36 (FEDORA-2022-747200e381) A deduplicating backup program with compression and authenticated encryption -------------------------------------------------------------------------------- Update Information:
update to latest version from upstream -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Felix Schwarz fschwarz@fedoraproject.org - 1.2.3-1 - update to 1.2.3 --------------------------------------------------------------------------------
================================================================================ ddgr-2.1-1.fc36 (FEDORA-2022-93d3a92677) DuckDuckGo from the terminal -------------------------------------------------------------------------------- Update Information:
Update to 2.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 2.1-1 - Update to 2.1 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2137481 - ddgr-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2137481 --------------------------------------------------------------------------------
================================================================================ ghc9.4-9.4.4-15.fc36 (FEDORA-2022-c204ff2c99) Glasgow Haskell Compiler -------------------------------------------------------------------------------- Update Information:
- https://www.haskell.org/ghc/blog/20221224-ghc-9.4.4-released.html - https://downloads.haskell.org/~ghc/9.4.4/docs/users_guide/9.4.4-notes.html -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 26 2022 Jens Petersen petersen@redhat.com - 9.4.4-15 - https://www.haskell.org/ghc/blog/20221224-ghc-9.4.4-released.html - https://downloads.haskell.org/~ghc/9.4.4/docs/users_guide/9.4.4-notes.html * Tue Nov 22 2022 Florian Weimer fweimer@redhat.com - 9.4.3-14 - Avoid implicit declaration of exit in configure check * Wed Nov 9 2022 Jens Petersen petersen@redhat.com - 9.4.3-13 - epel9: disable hadrian for s390x (#2141054) - epel9: disable docs on s390x with make --------------------------------------------------------------------------------
================================================================================ jitterentropy-3.4.1-3.fc36 (FEDORA-2022-09a9ebf80c) Library implementing the jitter entropy source -------------------------------------------------------------------------------- Update Information:
Update rngd to the upstream @ cb8cc624. Update jitter-entropy to the upstream @ 7bf9f85d. Fix a stack corruption on s390x. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Vladis Dronov vdronov@redhat.com - 3.4.1-3 - Update to the upstream v3.4.1 @ 7bf9f85d - Fix a stack corruption on s390x --------------------------------------------------------------------------------
================================================================================ kvantum-1.0.7-1.fc36 (FEDORA-2022-ac2d741bcc) SVG-based theme engine for Qt5, KDE and LXQt -------------------------------------------------------------------------------- Update Information:
Update to 1.0.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 1.0.7-1 - Update to 1.0.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2138144 - kvantum-1.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2138144 --------------------------------------------------------------------------------
================================================================================ lastpass-cli-1.3.4-1.fc36 (FEDORA-2022-99b88f44ed) Command line interface to LastPass.com -------------------------------------------------------------------------------- Update Information:
Update to 1.3.4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 1.3.4-1 - Update to 1.3.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2152341 - lastpass-cli-1.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2152341 --------------------------------------------------------------------------------
================================================================================ libspng-0.7.3-1.fc36 (FEDORA-2022-86afd27237) Simple, modern libpng alternative -------------------------------------------------------------------------------- Update Information:
Update to 0.7.3 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 0.7.3-1 - Update to 0.7.3 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 0.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2152141 - libspng-0.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2152141 --------------------------------------------------------------------------------
================================================================================ mozilla-ublock-origin-1.46.0-1.fc36 (FEDORA-2022-9cc8ab7ced) An efficient blocker for Firefox -------------------------------------------------------------------------------- Update Information:
* Add `options` stub to `nofab` scriptlet * Rewrite logger's "exceptor" feature * Use Blob URLs to reliably inject scriptlets -- as suggested by @evilpie * Add `:remove-attr()` and `:remove-class()` pseudo selector operators * Add pseudo- operator `:matches-attr()` * Detect invalid usage of combinators in `:not()` pseudoclass * Give more time for viewport to be ready (in popup panel) -- related feedback * Handle potentially invalid CSS selector (in logger) * Ensure state of more/less in panel reflect locked/disabled sections * Isolate generic cosmetic filters from specific ones in generated stylesheet * Do not cname- uncloak same-origin network requests * Prevent the creation of non-cosmetic extended filters in element picker * Fix visual of DOM inspector layer in dark theme mode * Improve extraction of tokens from regexes * Use placeholders to minimize vertical shifting at page load time * Bundled filter lists in releases are not timestamped * Ensure procedural filters are applied at least once -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Dominik Mierzejewski dominik@greysector.net - 1.46.0-1 - update to 1.46.0 (#2156059) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156059 - mozilla-ublock-origin-1.46.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2156059 --------------------------------------------------------------------------------
================================================================================ nnn-4.7-1.fc36 (FEDORA-2022-4d141d53fa) The missing terminal file browser for X -------------------------------------------------------------------------------- Update Information:
Update to 4.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 4.7-1 - Update to 4.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2148530 - nnn-4.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2148530 --------------------------------------------------------------------------------
================================================================================ papirus-icon-theme-20221201-1.fc36 (FEDORA-2022-5ca4f4c6dd) Free and open source SVG icon theme based on Paper Icon Set -------------------------------------------------------------------------------- Update Information:
Update to 20221201 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 20221201-1 - Update to 20221201 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2150442 - papirus-icon-theme-20221201 is available https://bugzilla.redhat.com/show_bug.cgi?id=2150442 --------------------------------------------------------------------------------
================================================================================ pdd-1.7-1.fc36 (FEDORA-2022-8e566b2838) Tiny date, time diff calculator -------------------------------------------------------------------------------- Update Information:
Update to 1.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 1.7-1 - Update to 1.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2150613 - pdd-1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2150613 --------------------------------------------------------------------------------
================================================================================ perl-Finance-Quote-1.5400-1.fc36 (FEDORA-2022-9f9bf76eea) A Perl module that retrieves stock and mutual fund quotes -------------------------------------------------------------------------------- Update Information:
Current upstream release, with new sources and bug fixes for some existing sources. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Paul Howarth paul@city-fan.org - 1.5400-1 - Update to 1.54 - Fix to AEX.pm (GH#235, GH#244) - New modules Sinvestor.pm, Tradegate.pm and XETRA.pm (GH#243) - Updates to TMX.pm (Toronto Stock Exchange) (GH#248 and GH#253) - Reverted API change (GH#230) in CurrencyRates/AlphaVantage.pm (GH#249) - Fix to Fondsweb.pm (GH#250) * Wed Oct 12 2022 Gwyn Ciesla gwync@protonmail.com - 1.5301-1 - 1.5301 --------------------------------------------------------------------------------
================================================================================ python-limits-2.8.0-1.fc36 (FEDORA-2022-a6f7379ebb) Utilities to implement rate limiting using various strategies -------------------------------------------------------------------------------- Update Information:
Update to 2.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Benjamin A. Beasley code@musicinmybrain.net - 2.8.0-1 - Drop F35 conditionals - Update to 2.8.0 (close RHBZ#2152428) --------------------------------------------------------------------------------
================================================================================ python-whois-0.9.19-1.fc36 (FEDORA-2022-c78cb306e1) Python module for retrieving WHOIS information of domains -------------------------------------------------------------------------------- Update Information:
Update to v0.9.19 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Artur Frenszek-Iwicki fedora@svgames.pl - 0.9.19-1 - Update to v0.9.19 - Switch to using GitHub tarballs (PyPi sources do not contain tests) --------------------------------------------------------------------------------
================================================================================ rng-tools-6.15-5.fc36 (FEDORA-2022-09a9ebf80c) Random number generator related utilities -------------------------------------------------------------------------------- Update Information:
Update rngd to the upstream @ cb8cc624. Update jitter-entropy to the upstream @ 7bf9f85d. Fix a stack corruption on s390x. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Vladis Dronov vdronov@redhat.com - 6.15-5 - Update to the upstream v6.15 + tip of origin/master @ cb8cc624 --------------------------------------------------------------------------------
================================================================================ swaylock-1.7-1.fc36 (FEDORA-2022-29bb0f8f68) Screen locker for Wayland -------------------------------------------------------------------------------- Update Information:
Update to 1.7 (#2148746) -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 3 2022 Aleksei Bavshin alebastr@fedoraproject.org 1.7-1 - Update to 1.7 (#2148746) * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 1.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ zita-alsa-pcmi-0.5.1-1.fc36 (FEDORA-2022-bbb16df6fc) ALSA C++ library -------------------------------------------------------------------------------- Update Information:
Update to 0.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 27 2022 Guido Aulisi guido.aulisi@gmail.com - 0.5.1-1 - Update to 0.5.1 - Fix bug 2156573 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 0.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2156573 - bug in previous versions causes incorrect operation with common audio format https://bugzilla.redhat.com/show_bug.cgi?id=2156573 --------------------------------------------------------------------------------