The following Fedora 36 Security updates need testing: Age URL 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6ec78b2586 device-mapper-multipath-0.8.7-9.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d1682fef04 mingw-python3-3.10.8-1.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-185482f0a7 mediawiki-1.37.6-1.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-c9a1fd5370 mingw-gcc-11.2.1-6.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ebd5bb0478 exim-4.96-5.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-07438e12df xen-4.16.2-3.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-5f28fceec0 dotnet6.0-6.0.110-2.fc36 4 https://bodhi.fedoraproject.org/updates/FEDORA-2022-37c2d26f59 php-pear-CAS-1.6.0-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3cf0e7ebc7 mingw-pixman-0.42.2-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-49db80f821 mingw-expat-2.5.0-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-3c933ffaca mingw-libtasn1-4.19.0-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce32af66d6 webkit2gtk3-2.38.2-1.fc36 1 https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a9a638d09 android-tools-33.0.3p1-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved: Age URL 16 https://bodhi.fedoraproject.org/updates/FEDORA-2022-57ee5658ba annobin-10.91-1.fc36 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-362bd01539 python3-docs-3.10.8-1.fc36 python3.10-3.10.8-1.fc36 11 https://bodhi.fedoraproject.org/updates/FEDORA-2022-6ec78b2586 device-mapper-multipath-0.8.7-9.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-95075fcd45 gnome-control-center-42.4-1.fc36 6 https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ef19edbdc expat-2.5.0-1.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-0c6f7be0c2 xorg-x11-server-Xwayland-22.1.5-1.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-07438e12df xen-4.16.2-3.fc36 5 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7a369b2b8 libxcrypt-4.4.30-1.fc36 3 https://bodhi.fedoraproject.org/updates/FEDORA-2022-d7349a124a libxml2-2.10.3-2.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-ce32af66d6 webkit2gtk3-2.38.2-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-e50a5b9a6e gnome-shell-42.6-1.fc36 mutter-42.6-1.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-edcd70289a gnutls-3.7.8-3.fc36 2 https://bodhi.fedoraproject.org/updates/FEDORA-2022-dd32e9e6e4 kernel-6.0.7-200.fc36
The following builds have been pushed to Fedora 36 updates-testing
R-littler-0.3.17-1.fc36 ardour7-7.1.0-2.fc36 avahi-0.8-16.fc36 cockpit-279-1.fc36 cockpit-ostree-191-1.fc36 cockpit-podman-56-1.fc36 crosswords-0.3.6-2.fc36 crun-1.7-1.fc36 etcd-3.5.5-2.fc36 gerbera-1.12.0-1.fc36 golang-github-geoffgarside-ber-1.1.0-1.fc36 golang-github-hirochachacha-smb2-1.1.0-1.fc36 golang-github-hokaccha-prettyjson-0-0.1.20220921git0474bc6.fc36 golang-github-max-sum-base32768-0-0.2.20220523git7937843.fc36 golang-github-rclone-ftp-0-0.3.20221103gite44dedb.fc36 golang-storj-uplink-1.9.0-1.fc36 golang-uber-ratelimit-0.2.0-1.fc36 kitty-0.26.5-3.fc36 libfido2-1.10.0-5.fc36 libipuz-0.3.0-1.fc36 magic-8.3.335-1.fc36 nodejs-16.18.1-1.fc36 php-bartlett-PHP-CompatInfo-6.5.3-1.fc36 php-pecl-igbinary-3.2.12-1.fc36 php-ramsey-uuid-4.6.0-1.fc36 pungi-4.3.6-2.fc36 python-Mastodon-1.5.2-1.fc36 python-authlib-1.1.0-1.fc36 python-colcon-alias-0.0.2-2.fc36 python-colcon-python-setup-py-0.2.8-1.fc36 rcs-5.10.1-3.fc36 rust-byte-unit-4.0.17-1.fc36 rust-caps-0.5.5-1.fc36 rust-defer-drop-1.3.0-1.fc36 rust-fs-err-2.9.0-1.fc36 rust-html-escape-0.2.12-1.fc36 rust-ipnet-2.5.1-1.fc36 rust-libloading-0.7.4-1.fc36 rust-num_cpus-1.14.0-1.fc36 rust-ppv-lite86-0.2.17-1.fc36 rust-scoped-tls-1.0.1-1.fc36 rust-stderrlog-0.5.4-1.fc36 rust-sys-locale-0.2.3-1.fc36 supertuxkart-1.4-2.fc36
Details about builds:
================================================================================ R-littler-0.3.17-1.fc36 (FEDORA-2022-3c72f6d4a2) littler: R at the Command-Line via 'r' -------------------------------------------------------------------------------- Update Information:
littler 0.3.17 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mattias Ellert mattias.ellert@physics.uu.se - 0.3.17-1 - New upstream release 0.3.17 --------------------------------------------------------------------------------
================================================================================ ardour7-7.1.0-2.fc36 (FEDORA-2022-2ec88fe375) Digital Audio Workstation -------------------------------------------------------------------------------- Update Information:
This package contains version 7.x of the Ardour Digital Audio Workstation. It will attempt to convert existing projects to its new format, but is not 100% compatible so please keep the old version around if you want to work with old projects. -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 6 2022 Nils Philippsen nils@tiptoe.de 7.1.0-1 - Initial version of the package --------------------------------------------------------------------------------
================================================================================ avahi-0.8-16.fc36 (FEDORA-2022-03f34f2943) Local network service discovery -------------------------------------------------------------------------------- Update Information:
- ``avahi-discover`` fix -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 1 2022 Christian Krause chkr@fedoraproject.org - 0.8-16 - Install glade file for avahi-discover-standalone unconditionally (fixes #2036073 and #2126721) - Install desktop files for bssh and bvnc unconditionally -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2036073 - avahi-disconver-standalone does not start https://bugzilla.redhat.com/show_bug.cgi?id=2036073 [ 2 ] Bug #2126721 - avahi-discover-standalone shows no GUI https://bugzilla.redhat.com/show_bug.cgi?id=2126721 --------------------------------------------------------------------------------
================================================================================ cockpit-279-1.fc36 (FEDORA-2022-9dd5ded435) Web Console for Linux servers -------------------------------------------------------------------------------- Update Information:
- Dark theme support -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Packit hello@packit.dev - 279-1 - Dark theme support --------------------------------------------------------------------------------
================================================================================ cockpit-ostree-191-1.fc36 (FEDORA-2022-873be3ff86) Cockpit user interface for rpm-ostree -------------------------------------------------------------------------------- Update Information:
New upstream release: 191 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Packit hello@packit.dev - 1:191-1 - Dark theme support --------------------------------------------------------------------------------
================================================================================ cockpit-podman-56-1.fc36 (FEDORA-2022-b401d4cc2c) Cockpit component for Podman containers -------------------------------------------------------------------------------- Update Information:
New upstream release: 55 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Packit hello@packit.dev - 56-1 - Dark theme support --------------------------------------------------------------------------------
================================================================================ crosswords-0.3.6-2.fc36 (FEDORA-2022-a749d71cb1) Solve crossword puzzles -------------------------------------------------------------------------------- Update Information:
crosswords 0.3.6 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Davide Cavalca dcavalca@fedoraproject.org 0.3.6-2 - Relax gtk4 dependency on f36 * Sun Nov 6 2022 Davide Cavalca dcavalca@fedoraproject.org 0.3.6-1 - Update to 0.3.6; Fixes: RHBZ#2140452 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2140442 - libipuz-0.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140442 [ 2 ] Bug #2140452 - crosswords-0.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140452 --------------------------------------------------------------------------------
================================================================================ crun-1.7-1.fc36 (FEDORA-2022-3469e5976d) OCI runtime written in C -------------------------------------------------------------------------------- Update Information:
New release of crun with wasm support. ---- enable wasm support, depends on FEDORA-2022-ff1b11ae98 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Daniel J Walsh dwalsh@redhat.com 1.7-1 - local build * Fri Nov 4 2022 Lokesh Mandvekar lsm5@fedoraproject.org 1.6-8 - enable wasm support * Fri Nov 4 2022 Troy Dawson tdawson@fedoraproject.org 1.6-7 - Add ExclusiveArch * Fri Oct 7 2022 Lokesh Mandvekar lsm5@fedoraproject.org 1.6-6 - Revert "auto bump to 1.6" * Fri Oct 7 2022 RH Container Bot rhcontainerbot@fedoraproject.org 1.6-5 - auto bump to 1.6 * Tue Oct 4 2022 Lokesh Mandvekar lsm5@fedoraproject.org 1.6-4 - remove debbuild macros to comply with fedora guidelines * Wed Sep 28 2022 Daniel J Walsh dwalsh@redhat.com 1.6-3 - local build --------------------------------------------------------------------------------
================================================================================ etcd-3.5.5-2.fc36 (FEDORA-2022-0cc58bf8a9) Distributed reliable key-value store for the most critical data of a distributed system -------------------------------------------------------------------------------- Update Information:
Update to 3.5.5 -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 6 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 3.5.5-2 - Update to 3.5.5 * Sun Nov 6 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 3.5.5-1 - Bootstrap * Wed Aug 10 2022 Maxwell G gotmax@e.email 3.5.0-11 - Rebuild to fix FTBFS * Wed Aug 10 2022 Maxwell G gotmax@e.email 3.5.0-10 - Rebuild to fix FTBFS * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 3.5.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 19 2022 Maxwell G gotmax@e.email 3.5.0-8 - Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang * Thu Jun 23 2022 Maxwell G gotmax@e.email 3.5.0-7 - Rebuild to mitigate CVE-2022-21698 (rhbz#2067400). * Sun Jun 19 2022 Robert-Andr�� Mauchin zebob.m@gmail.com 3.5.0-6 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org 3.5.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2014732 - etcd-3.6.0-alpha.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2014732 [ 2 ] Bug #2045359 - etcd: FTBFS in Fedora rawhide/f36 https://bugzilla.redhat.com/show_bug.cgi?id=2045359 --------------------------------------------------------------------------------
================================================================================ gerbera-1.12.0-1.fc36 (FEDORA-2022-22f6ed302f) UPnP Media Server -------------------------------------------------------------------------------- Update Information:
1.12.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Gwyn Ciesla gwync@protonmail.com - 1.12.0-1 - 1.12.0 * Thu Nov 3 2022 Vitaly Zaitsev vitaly@easycoding.org - 1.11.0-4 - Rebuilt due to spdlog update. - Fixed FTBFS on Rawhide. Closes rhbz#2139904. * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 1.11.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jul 20 2022 Mamoru TASAKA mtasaka@fedoraproject.org - 1.11.0-2 - Patch for fmt-9 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2140402 - gerbera-1.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140402 --------------------------------------------------------------------------------
================================================================================ golang-github-geoffgarside-ber-1.1.0-1.fc36 (FEDORA-2022-06051865de) Fork of golang pkg `encoding/asn1` to support the Basic Encoding Rules -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 1.1.0-1 - Initial package - Closes rhbz#2139919 --------------------------------------------------------------------------------
================================================================================ golang-github-hirochachacha-smb2-1.1.0-1.fc36 (FEDORA-2022-e7a0a4d19d) SMB2/3 client library written in Go -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 1.1.0-1 - Initial package - Closes rhbz#2139920 --------------------------------------------------------------------------------
================================================================================ golang-github-hokaccha-prettyjson-0-0.1.20220921git0474bc6.fc36 (FEDORA-2022-68b0758591) JSON pretty print for Golang -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0-0.1 - Initial package - Closes rhzb#2128596 --------------------------------------------------------------------------------
================================================================================ golang-github-max-sum-base32768-0-0.2.20220523git7937843.fc36 (FEDORA-2022-7c4bb482ec) Go implementation of base32768, optimized for UTF-16 -------------------------------------------------------------------------------- Update Information:
Dep for rclone -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 0-0.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon May 23 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0-0.1 - Initial package - Closes rhbz#2089267 --------------------------------------------------------------------------------
================================================================================ golang-github-rclone-ftp-0-0.3.20221103gite44dedb.fc36 (FEDORA-2022-8665317600) FTP client package for Go -------------------------------------------------------------------------------- Update Information:
Update for rclone-1.60 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0-0.3 - Update to latest spec * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org 0-0.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon May 23 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0-0.1 - Initial package - Closes rhbz#2089268 --------------------------------------------------------------------------------
================================================================================ golang-storj-uplink-1.9.0-1.fc36 (FEDORA-2022-50821d437e) Storj network Go library -------------------------------------------------------------------------------- Update Information:
Update to 1.9.0 for rclone-1.60 -------------------------------------------------------------------------------- ChangeLog:
* Sat Sep 10 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 1.9.0-1 - Update to 1.9.0 - Closes rhbz#1963583 rhbz#2113422 --------------------------------------------------------------------------------
================================================================================ golang-uber-ratelimit-0.2.0-1.fc36 (FEDORA-2022-cd6852593b) A Golang blocking leaky-bucket rate limit implementation -------------------------------------------------------------------------------- Update Information:
Update to 0.2.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 1 2022 Mikel Olasagasti Uranga mikel@olasagasti.info 0.2.0-1 - Update to 0.2.0 - Fixes rhbz#2113423 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.1.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ kitty-0.26.5-3.fc36 (FEDORA-2022-5722be7707) Cross-platform, fast, feature full, GPU based terminal emulator -------------------------------------------------------------------------------- Update Information:
version 0.26.5 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Yaroslav Sidlovsky zawertun@gmail.com 0.26.5-1 - version 0.26.5 --------------------------------------------------------------------------------
================================================================================ libfido2-1.10.0-5.fc36 (FEDORA-2022-e9b4931c9c) FIDO2 library -------------------------------------------------------------------------------- Update Information:
Fixes libfido2 release 1.10.0 with OpenSSL 3.0 when using rs256_pk_from_EVP_PKEY. Fixed by upstream patch. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 4 2022 Iker Pedrosa ipedrosa@redhat.com - 1.10.0-5 - rs256: fix rs256_pk_from_EVP_PKEY with OpenSSL 3 (#2139809) --------------------------------------------------------------------------------
================================================================================ libipuz-0.3.0-1.fc36 (FEDORA-2022-a749d71cb1) Library for parsing .ipuz puzzle files -------------------------------------------------------------------------------- Update Information:
crosswords 0.3.6 -------------------------------------------------------------------------------- ChangeLog:
* Sun Nov 6 2022 Davide Cavalca dcavalca@fedoraproject.org 0.3.0-1 - Update to 0.3.0; Fixes: RHBZ#2140442 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2140442 - libipuz-0.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140442 [ 2 ] Bug #2140452 - crosswords-0.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140452 --------------------------------------------------------------------------------
================================================================================ magic-8.3.335-1.fc36 (FEDORA-2022-3fc6fdbd48) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information:
New version 8.3.335 is released. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Mamoru TASAKA mtasaka@fedoraproject.org - 8.3.335-1 - 8.3.335 --------------------------------------------------------------------------------
================================================================================ nodejs-16.18.1-1.fc36 (FEDORA-2022-52dec6351a) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
November 2022 Security Updates https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/ ---- [September Security Updates for Node.js](https://nodejs.org/en/blog/vulnerability/september-2022-security- releases/) ---- Update to Node.js 16.17.0 https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.... ---- Fix dependency typo ---- Update to 16.15.0 ---- Update to Node.js 16.14.1 Note that we will be skipping 16.14.2 since the only changes were in the bundled copy of OpenSSL, which we do not use. The relevant security patches are handled in Fedora's `openssl` package. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Stephen Gallagher sgallagh@redhat.com 1:16.18.1-1 - Update to security release 16.18.1 * Thu Nov 3 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.1-3 - Update python3_fixup * Fri Sep 23 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.1-2 - Backport nodejs-sources.sh * Fri Sep 23 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.1-1 - Update to 16.17.1 * Thu Sep 15 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.0-3 - Drop epel7 from package.cfg * Thu Sep 15 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.0-2 - Simplify manpage packaging * Wed Sep 14 2022 Stephen Gallagher sgallagh@redhat.com 1:16.17.0-1 - Update to Node.js 16.17.0 - https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md# 16.17.0 * Fri Jul 15 2022 Stephen Gallagher sgallagh@redhat.com 1:16.16.0-1 - Update to 16.16.0 * Mon Jul 11 2022 Stephen Gallagher sgallagh@redhat.com 1:16.15.1-2 - Backport nodejs-sources.sh from 18 * Mon Jun 13 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.15.1-1 - Update to Node.js 16.15.1 - Re-enable LTO build * Fri May 6 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.15.0-3 - Fix incorrect epoch in v8-devel dependency * Fri Apr 29 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.15.0-2 - Fix file conflicts. - Make dependency on nodejs-libs more strict. * Wed Apr 27 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.15.0-1 - Update to Node.js 16.15.0 - Stop carrying full ICU sources now that the binary data is available - Properly version the v8 virtual Provides - Bundle nghttp2 * Mon Apr 4 2022 Jan Stan��k jstanek@redhat.com - 16.14.1-2 - Unify configure.py calls into single command - Refactor bootstrap-related parts - Decouple dependency bundling from bootstrapping * Thu Mar 17 2022 Stephen Gallagher sgallagh@redhat.com - 1:16.14.1-1 - Update to Node.js 16.14.1 - Drop corepack * Thu Mar 3 2022 Zuzana Svetlikova zsvetlik@redhat.com - 1:16.14.0-3 - Build without corepack -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2105422 - CVE-2022-32212 nodejs: DNS rebinding in --inspect via invalid IP addresses https://bugzilla.redhat.com/show_bug.cgi?id=2105422 [ 2 ] Bug #2105426 - CVE-2022-32215 nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding https://bugzilla.redhat.com/show_bug.cgi?id=2105426 [ 3 ] Bug #2105430 - CVE-2022-32213 nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding https://bugzilla.redhat.com/show_bug.cgi?id=2105430 [ 4 ] Bug #2130517 - CVE-2022-35255 nodejs: weak randomness in WebCrypto keygen https://bugzilla.redhat.com/show_bug.cgi?id=2130517 [ 5 ] Bug #2130518 - CVE-2022-35256 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields https://bugzilla.redhat.com/show_bug.cgi?id=2130518 --------------------------------------------------------------------------------
================================================================================ php-bartlett-PHP-CompatInfo-6.5.3-1.fc36 (FEDORA-2022-0e4ab41245) Find out version and the extensions required for a piece of code to run -------------------------------------------------------------------------------- Update Information:
**bartlett/php-compatinfo-db 4.8.0** Added * PHP 7.4.33 support Fixed * Project Directory is not well detected with PHAR distribution ---- **bartlett/php-compatinfo-db 4.7.1** Fixed * add missing bartlett/box- manifest dev dependency to allow bartlett/umlwriter to draw diagram classes ---- **bartlett/php-compatinfo-db 4.7.1** Added * PHP 8.0.25 support * PHP 8.1.12 support * PHP 8.2.0RC5 support ---- **bartlett/php-compatinfo 6.5.3** Fixed * Auto-diagnose is not launched with PHAR distribution -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Remi Collet remi@remirepo.net - 6.5.3-1 - update to 6.5.3 - update bundled bartlett/php-compatinfo-db to 4.8.0 --------------------------------------------------------------------------------
================================================================================ php-pecl-igbinary-3.2.12-1.fc36 (FEDORA-2022-4b5f8afadf) Replacement for the standard PHP serializer -------------------------------------------------------------------------------- Update Information:
**Version 3.2.12** * Fix symbol error seen in php 8.2.0 loading zend_class_unserialize_deny, due to failing to load a header defining a macro. ---- **Version 3.2.11** * Fix a bug that could prevent objects/arrays with reference cycles from being properly garbage collected. * Fix bugs in unserializing PHP references to values found in php 7.4 typed properties (#363) ---- **Version 3.2.10** * Add a macro that callers can use to check if igbinary will accept the header for data being unserialized. * Fix bug preventing the unserialization of data containing representations of strings larger than 4GB. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Remi Collet remi@remirepo.net - 3.2.12-1 - update to 3.2.12 * Mon Nov 7 2022 Remi Collet remi@remirepo.net - 3.2.11-1 - update to 3.2.11 --------------------------------------------------------------------------------
================================================================================ php-ramsey-uuid-4.6.0-1.fc36 (FEDORA-2022-e9b89d1440) Library for generating and working with UUIDs -------------------------------------------------------------------------------- Update Information:
**Version 4.6.0** - 2022-11-05 Added * Add support for version 8, Unix Epoch time UUIDs, as defined in [draft-ietf-uuidrev-rfc4122bis-00, section 5.8][version8]. While still an Internet-Draft, version 8 is stable and unlikely to change in any way that breaks compatibility. * Use `Ramsey\Uuid\Uuid::uuid8()` to generate version 8 UUIDs. * Version 8 UUIDs are of type `Ramsey\Uuid\Rfc4122\UuidV8`. * The constant `Ramsey\Uuid\Uuid::UUID_TYPE_CUSTOM` exists for version 8 UUIDs. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Remi Collet remi@remirepo.net - 4.6.0-1 - update to 4.6.0 --------------------------------------------------------------------------------
================================================================================ pungi-4.3.6-2.fc36 (FEDORA-2022-1c5dc52592) Distribution compose tool -------------------------------------------------------------------------------- Update Information:
Backport patch to stop including useless comps files in modular repositories. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Lubom��r Sedl���� lsedlar@redhat.com - 4.3.6-2 - Stop including comps in modular repos --------------------------------------------------------------------------------
================================================================================ python-Mastodon-1.5.2-1.fc36 (FEDORA-2022-380af63e0b) Python wrapper for the Mastodon API -------------------------------------------------------------------------------- Update Information:
1.5.2 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Gwyn Ciesla gwync@protonmail.com - 1.5.2-1 - 1.5.2 * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.5.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 13 2022 Python Maint python-maint@redhat.com - 1.5.1-8 - Rebuilt for Python 3.11 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2140477 - python-Mastodon-1.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2140477 --------------------------------------------------------------------------------
================================================================================ python-authlib-1.1.0-1.fc36 (FEDORA-2022-d7db386048) Build OAuth and OpenID Connect servers in Python -------------------------------------------------------------------------------- Update Information:
Update to v1.1.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 4 2022 Kai A. Hiller V02460@gmail.com - 1.1.0-1 - Update to v1.1.0 * Fri Jul 22 2022 Fedora Release Engineering releng@fedoraproject.org - 1.0.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jun 14 2022 Python Maint python-maint@redhat.com - 1.0.1-3 - Rebuilt for Python 3.11 --------------------------------------------------------------------------------
================================================================================ python-colcon-alias-0.0.2-2.fc36 (FEDORA-2022-f951710260) Extension for colcon to create and modify command aliases -------------------------------------------------------------------------------- Update Information:
Initial build of `colcon_alias`. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 4 2022 Scott K Logan logans@cottsay.net - 0.0.2-2 - Update description - Update project URL * Sun Feb 20 2022 Scott K Logan logans@cottsay.net - 0.0.2-1 - Initial package (rhbz#2056369) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2056369 - Review Request: python-colcon-alias - Extension for colcon to create and modify command aliases https://bugzilla.redhat.com/show_bug.cgi?id=2056369 --------------------------------------------------------------------------------
================================================================================ python-colcon-python-setup-py-0.2.8-1.fc36 (FEDORA-2022-b8912eba54) Extension for colcon to support Python packages with a setup.py file -------------------------------------------------------------------------------- Update Information:
Update to `colcon_python_setup_py` 0.2.8. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Scott K Logan logans@cottsay.net - 0.2.8-1 - Update to 0.2.8 (rhbz#2128557) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2128557 - python-colcon-python-setup-py-0.2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2128557 --------------------------------------------------------------------------------
================================================================================ rcs-5.10.1-3.fc36 (FEDORA-2022-e41f3c9789) Revision Control System (RCS) file version management tools -------------------------------------------------------------------------------- Update Information:
SPDX update -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 5.10.1-3 - SPDX * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 5.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-byte-unit-4.0.17-1.fc36 (FEDORA-2022-f429cc55fe) Library for interaction with units of bytes -------------------------------------------------------------------------------- Update Information:
Update to version 4.0.17. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 4.0.17-1 - Update to version 4.0.17; Fixes RHBZ#2139267 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 4.0.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-caps-0.5.5-1.fc36 (FEDORA-2022-2ef768990a) Pure-Rust library to work with Linux capabilities -------------------------------------------------------------------------------- Update Information:
Update to version 0.5.5. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.5.5-1 - Update to version 0.5.5; Fixes RHBZ#2139375 --------------------------------------------------------------------------------
================================================================================ rust-defer-drop-1.3.0-1.fc36 (FEDORA-2022-3f465bb557) Defer dropping large types to a background thread -------------------------------------------------------------------------------- Update Information:
Update to version 1.3.0. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 1.3.0-1 - Update to version 1.3.0; Fixes RHBZ#2139562 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 1.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-fs-err-2.9.0-1.fc36 (FEDORA-2022-3b8037897e) Drop-in replacement for std::fs with more helpful error messages -------------------------------------------------------------------------------- Update Information:
Update to version 2.9.0. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 2.9.0-1 - Update to version 2.9.0; Fixes RHBZ#2138696 --------------------------------------------------------------------------------
================================================================================ rust-html-escape-0.2.12-1.fc36 (FEDORA-2022-70e448dc2d) Library for escaping special characters and unescaping HTML entities in HTML -------------------------------------------------------------------------------- Update Information:
Update to version 0.2.12. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.2.12-1 - Update to version 0.2.12; Fixes RHBZ#2139350 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.2.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-ipnet-2.5.1-1.fc36 (FEDORA-2022-780d35063b) Provides types and useful methods for working with IP prefixes -------------------------------------------------------------------------------- Update Information:
Update to version 2.5.1. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 2.5.1-1 - Update to version 2.5.1; Fixes RHBZ#2140455 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 2.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-libloading-0.7.4-1.fc36 (FEDORA-2022-ab87e6e456) Bindings for native dynamic library loading primitives -------------------------------------------------------------------------------- Update Information:
Update to version 0.7.4. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.7.4-1 - Update to version 0.7.4; Fixes RHBZ#2140482 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.7.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-num_cpus-1.14.0-1.fc36 (FEDORA-2022-97f502ef59) Get the number of CPUs on a machine -------------------------------------------------------------------------------- Update Information:
Update to version 1.14.0. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 1.14.0-1 - Update to version 1.14.0; Fixes RHBZ#2139900 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 1.13.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-ppv-lite86-0.2.17-1.fc36 (FEDORA-2022-472b64e627) Implementation of the crypto-simd API for x86 -------------------------------------------------------------------------------- Update Information:
Update to version 0.2.17. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.2.17-1 - Update to version 0.2.17; Fixes RHBZ#2140252 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.2.16-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-scoped-tls-1.0.1-1.fc36 (FEDORA-2022-f4f2f8de7b) Provide scoped access to thread local storage (TLS) -------------------------------------------------------------------------------- Update Information:
Update to version 1.0.1. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 1.0.1-1 - Update to version 1.0.1; Fixes RHBZ#2138922 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 1.0.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-stderrlog-0.5.4-1.fc36 (FEDORA-2022-549248994d) Logger that logs to stderr based on verbosity specified -------------------------------------------------------------------------------- Update Information:
Update to version 0.5.4. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.5.4-1 - Update to version 0.5.4; Fixes RHBZ#2139980 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.5.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rust-sys-locale-0.2.3-1.fc36 (FEDORA-2022-cd88cd5269) Small and lightweight library to obtain the active system locale -------------------------------------------------------------------------------- Update Information:
Update to version 0.2.3. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Fabio Valentini decathorpe@gmail.com 0.2.3-1 - Update to version 0.2.3; Fixes RHBZ#2140449 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org 0.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ supertuxkart-1.4-2.fc36 (FEDORA-2022-770cc824ae) Kids 3D go-kart racing game featuring Tux -------------------------------------------------------------------------------- Update Information:
Fix soccer ball rolling bug. ---- 1.4 -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 7 2022 Gwyn Ciesla gwync@protonmail.com - 1.4-2 - Patch to fix soccer ball rolling. * Tue Nov 1 2022 Gwyn Ciesla gwync@protonmail.com - 1.4-1 - 1.4 * Sat Jul 23 2022 Fedora Release Engineering releng@fedoraproject.org - 1.3-3.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2127956 - supertuxkart-1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2127956 [ 2 ] Bug #2140459 - in supertuxkart soccer, ball doesn't rotate https://bugzilla.redhat.com/show_bug.cgi?id=2140459 --------------------------------------------------------------------------------