The following Fedora 36 Security updates need testing:
Age URL
56
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3f20cdb0eb
booth-1.0-262.2.d0ac26c.git.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d048c0dde2
dokuwiki-20200729a-1.fc36
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a77b646471
webkit2gtk3-2.38.0-2.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-95000d85e2
libofx-0.10.7-2.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b60ea83571 gajim-1.5.1-1.fc36
python-nbxmpp-3.2.2-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
29
https://bodhi.fedoraproject.org/updates/FEDORA-2022-610322a65f ipset-7.15-5.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-206976e1e4
evolution-3.44.4-2.fc36
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a77b646471
webkit2gtk3-2.38.0-2.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e5e6a98b04 xen-4.16.2-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bbeb9c7745
appstream-data-36-4.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f676018070
langtable-0.0.60-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-90b108024e
kernel-5.19.10-200.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1d26b49e2b
mtools-4.0.41-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
aardvark-dns-1.1.0-1.fc36
asymptote-2.83-1.fc36
bind-9.16.33-1.fc36
bind-dyndb-ldap-11.9-20.fc36
boxes-2.2.0-1.fc36
edk2-20220826gitba0e0e4c6a17-1.fc36
flare-1.13.04-2.fc36
flare-engine-1.13.04-2.fc36
golang-github-tonistiigi-archvariant-1.0.0-1.fc36
golang-github-xuri-nfp-0-0.1.20220918git5e722a1.fc36
i3-4.21-1.fc36
java-latest-openjdk-19.0.0.0.36-3.rolling.fc36
kitty-0.26.3-1.fc36
knot-resolver-5.5.3-1.fc36
libwebp-1.2.4-2.fc36
nanovna-saver-0.5.3-1.fc36
netavark-1.1.0-1.fc36
openfec-1.4.2.4-3.fc36
pdftk-java-3.3.3-1.fc36
pgadmin4-6.12-6.fc36
pipewire-0.3.58-3.fc36
podman-4.2.1-2.fc36
python-flask-compress-1.13-1.fc36
python3.6-3.6.15-11.fc36
Details about builds:
================================================================================
aardvark-dns-1.1.0-1.fc36 (FEDORA-2022-29c1ba1101)
Authoritative DNS server for A/AAAA container records
--------------------------------------------------------------------------------
Update Information:
use correct tarball
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 28 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> 1.1.0-1
- auto bump to v1.1.0
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 1.0.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri May 27 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 1.0.3-2
- build dep packages using debbuild
--------------------------------------------------------------------------------
================================================================================
asymptote-2.83-1.fc36 (FEDORA-2022-ffe0231373)
Descriptive vector graphics language
--------------------------------------------------------------------------------
Update Information:
Update to 2.83 to resolve incompatibilities with the latest ghostscript.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 21 2022 Tom Callaway <spot(a)fedoraproject.org> - 2.83-1
- update to 2.83
* Tue Aug 23 2022 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.81-3
- Rebuild for gsl-2.7.1
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.81-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2116163 - asymptote-2.83.src is available
https://bugzilla.redhat.com/show_bug.cgi?id=2116163
[ 2 ] Bug #2127509 - Asymptote 2.81 incompatible with Ghostscript 9.56 - 2.82 required
https://bugzilla.redhat.com/show_bug.cgi?id=2127509
--------------------------------------------------------------------------------
================================================================================
bind-9.16.33-1.fc36 (FEDORA-2022-8268735e06)
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:
- Upstream [release
notes](https://downloads.isc.org/isc/bind9/9.16.33/doc/arm/h
tml/notes.html#notes-for-bind-9-16-33)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Petr Men����k <pemensik(a)redhat.com> - 32:9.16.33-1
- Update to 9.16.33 (CVE-2022-2795, CVE-2022-3080, CVE-2022-38178,
CVE-2022-38177)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128705 - CVE-2022-2795 bind: processing large delegations may severely
degrade resolver performance [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128705
[ 2 ] Bug #2128706 - CVE-2022-3080 bind: BIND 9 resolvers configured to answer from
cache with zero stale-answer-timeout may terminate unexpectedly [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128706
[ 3 ] Bug #2128709 - CVE-2022-38178 bind: memory leaks in EdDSA DNSSEC verification code
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128709
[ 4 ] Bug #2128710 - CVE-2022-38177 bind: memory leak in ECDSA DNSSEC verification code
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128710
--------------------------------------------------------------------------------
================================================================================
bind-dyndb-ldap-11.9-20.fc36 (FEDORA-2022-8268735e06)
LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:
- Upstream [release
notes](https://downloads.isc.org/isc/bind9/9.16.33/doc/arm/h
tml/notes.html#notes-for-bind-9-16-33)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Petr Men����k <pemensik(a)redhat.com> - 11.9-20
- Rebuilt for BIND 9.16.33
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128705 - CVE-2022-2795 bind: processing large delegations may severely
degrade resolver performance [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128705
[ 2 ] Bug #2128706 - CVE-2022-3080 bind: BIND 9 resolvers configured to answer from
cache with zero stale-answer-timeout may terminate unexpectedly [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128706
[ 3 ] Bug #2128709 - CVE-2022-38178 bind: memory leaks in EdDSA DNSSEC verification code
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128709
[ 4 ] Bug #2128710 - CVE-2022-38177 bind: memory leak in ECDSA DNSSEC verification code
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2128710
--------------------------------------------------------------------------------
================================================================================
boxes-2.2.0-1.fc36 (FEDORA-2022-6cabcf1575)
Command line ASCII boxes unlimited!
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> 2.2.0-1
- chore(update): 2.2.0
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
edk2-20220826gitba0e0e4c6a17-1.fc36 (FEDORA-2022-9ea05d4c5e)
UEFI firmware for 64-bit virtual machines
--------------------------------------------------------------------------------
Update Information:
update edk2 to 2022-08 stable tag.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2022 Gerd Hoffmann <kraxel(a)redhat.com> - 20220826gitba0e0e4c6a17-1
- update edk2 to 2022-08 stable tag.
- update openssl bundle to rhel-8.7 level.
- add stdvga fix.
- add 4MB firmware builds.
--------------------------------------------------------------------------------
================================================================================
flare-1.13.04-2.fc36 (FEDORA-2022-624f024c26)
A single player, 2D-isometric, action Role-Playing Game
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 25 2022 Sandro <gui1ty(a)penguinpee.nl> - 1.13.04-2
- Fixed %cmake in spec file (#2059201)
* Wed Aug 24 2022 Sandipan Roy <bytehackr(a)fedoraproject.org> - 1.13.04-1
- Updated to 1.13.04 (#2003478)
--------------------------------------------------------------------------------
================================================================================
flare-engine-1.13.04-2.fc36 (FEDORA-2022-d2d0c0dc96)
A single player, 2D-isometric, action Role-Playing Engine
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 25 2022 Sandro <gui1ty(a)penguinpee.nl> - 1.13.04-2
- Fixed issues in spec file
* Mon Aug 22 2022 Sandipan Roy <bytehackr(a)fedoraproject.org> - 1.13.04-1
- Update to 1.13.04
--------------------------------------------------------------------------------
================================================================================
golang-github-tonistiigi-archvariant-1.0.0-1.fc36 (FEDORA-2022-180523d082)
None
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> 1.0.0-1
- Initial import
--------------------------------------------------------------------------------
================================================================================
golang-github-xuri-nfp-0-0.1.20220918git5e722a1.fc36 (FEDORA-2022-8dd8b5ef8b)
Go Language Microsoft Excel��� Number Format Parser
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> 0-0.1
- Initial import
--------------------------------------------------------------------------------
================================================================================
i3-4.21-1.fc36 (FEDORA-2022-c08df40449)
Improved tiling window manager
--------------------------------------------------------------------------------
Update Information:
New upstream release 4.21
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 4.21-1
- New upstream release 4.21, fixes rhbz#2128878, rhbz#2128310
* Wed Aug 10 2022 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 4.20.1-6
- Remove calls to xdg-user-dirs-update from Fedora branded i3 config
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 4.20.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 1 2022 Jitka Plesnikova <jplesnik(a)redhat.com> 4.20.1-4
- Perl 5.36 rebuild
* Fri Dec 10 2021 Peter Georg <peter.georg(a)physik.uni-regensburg.de> 4.20.1-2
- Enable Recommends for EL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128310 - Please port your pcre dependency to pcre2. Pcre has been
deprecated
https://bugzilla.redhat.com/show_bug.cgi?id=2128310
[ 2 ] Bug #2128878 - i3-4.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2128878
--------------------------------------------------------------------------------
================================================================================
java-latest-openjdk-19.0.0.0.36-3.rolling.fc36 (FEDORA-2022-b36855b873)
OpenJDK 19 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
# OpenJDK 19 [OpenJDK 19 has been
released](https://mail.openjdk.org/pipermail/jdk-dev/2022-September/00693...
Java Enhancement Proposals (JEPs) included: *
[
405](https://openjdk.org/jeps/405): Record Patterns (Preview) *
[
422](https://openjdk.org/jeps/422): Linux/RISC-V Port *
[
424](https://openjdk.org/jeps/424): Foreign Function & Memory API (Preview) *
[
425](https://openjdk.org/jeps/425): Virtual Threads (Preview) *
[
426](https://openjdk.org/jeps/426): Vector API (Fourth Incubator) *
[
427](https://openjdk.org/jeps/427): Pattern Matching for switch (Third Preview)
* [
428](https://openjdk.org/jeps/428): Structured Concurrency (Incubator) See
the included `NEWS` file for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 21 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-3.rolling
- The stdc++lib, zlib & freetype options should always be set from the global, so they
are not altered for staticlibs builds
- Remove freetype sources along with zlib sources
* Tue Sep 20 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-3.rolling
- Switch buildjdkver temporarily to 18, as java-19-openjdk is not yet available in the
buildroot
* Tue Sep 20 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-3.rolling
- Flip the use of system libraries back on by default, as in-tree libraries should only be
used on Fedora 37+
* Tue Aug 30 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-2.rolling
- Switch buildjdkver back to being featurever, now java-19-openjdk is available in the
buildroot
* Mon Aug 29 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-2.rolling
- Switch to static builds, reducing system dependencies and making build more portable
* Mon Aug 29 2022 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:19.0.0.0.36-1.rolling
- Update to RC version of OpenJDK 19
- Update release notes to 19.0.0
- Rebase FIPS patches from fips-19u branch
- Need to include the '.S' suffix in debuginfo checks after JDK-8284661
- Add patch to provide translations for Europe/Kyiv added in tzdata2022b
- Add test to ensure timezones can be translated
- Remove references to sample directory removed by JDK-8284999
--------------------------------------------------------------------------------
================================================================================
kitty-0.26.3-1.fc36 (FEDORA-2022-f9af82a5f0)
Cross-platform, fast, feature full, GPU based terminal emulator
--------------------------------------------------------------------------------
Update Information:
version 0.26.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Yaroslav Sidlovsky <zawertun(a)gmail.com> 0.26.3-1
- version 0.26.3
--------------------------------------------------------------------------------
================================================================================
knot-resolver-5.5.3-1.fc36 (FEDORA-2022-2a4ca7b18d)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
Latest upstream version 5.5.3 with fix for CVE-2022-40188
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.5.3-1
- update to upstream version 5.5.3
--------------------------------------------------------------------------------
================================================================================
libwebp-1.2.4-2.fc36 (FEDORA-2022-6476d33b8c)
Library and tools for the WebP graphics format
--------------------------------------------------------------------------------
Update Information:
Fix incorrect libdir in pkg-config files on systems with lib64.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Sandro Mani <manisandro(a)gmail.com> - 1.2.4-2
- Add libwebp_libsuffix.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128259 - x86_64 .pc files contain incorrect library path
https://bugzilla.redhat.com/show_bug.cgi?id=2128259
--------------------------------------------------------------------------------
================================================================================
nanovna-saver-0.5.3-1.fc36 (FEDORA-2022-1c5a392a35)
Tool for reading, displaying and saving data from the NanoVNA
--------------------------------------------------------------------------------
Update Information:
This is new version of nanovna-saver.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.5.3-1
- New version
Resolves: rhbz#2125428
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint(a)redhat.com> - 0.4.0-4
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2125428 - nanovna-saver-0.5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2125428
--------------------------------------------------------------------------------
================================================================================
netavark-1.1.0-1.fc36 (FEDORA-2022-29c1ba1101)
OCI network stack
--------------------------------------------------------------------------------
Update Information:
use correct tarball
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 28 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> 1.1.0-1
- auto bump to v1.1.0
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 1.0.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri May 27 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 1.0.3-4
- build deb packages using debbuild
--------------------------------------------------------------------------------
================================================================================
openfec-1.4.2.4-3.fc36 (FEDORA-2022-91a52e6a08)
Application-Level Forward Erasure Correction codes
--------------------------------------------------------------------------------
Update Information:
This is new package openfec.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 5 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 1.4.2.4-3
- Updated license according to the review
Related: rhbz#2121558
* Tue Aug 30 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 1.4.2.4-2
- Fixed tests on s390x
* Mon Aug 29 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 1.4.2.4-1
- New version
- Switched to roc-streaming fork
* Tue Aug 23 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 1.4.2-1
- Initial version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2121558 - Review Request: openfec - Application-Level Forward Erasure
Correction codes
https://bugzilla.redhat.com/show_bug.cgi?id=2121558
--------------------------------------------------------------------------------
================================================================================
pdftk-java-3.3.3-1.fc36 (FEDORA-2022-ee2d82f7bf)
GCJ-free toolkit for manipulating PDF documents
--------------------------------------------------------------------------------
Update Information:
# pdftk-java 3.3.3 ## Added * Support UTF-8 encoded FDF files ## Changed *
Preserve external links originating from stamps ## Fixed * Crash reading
invalid bookmarks * Detect invalid parent entries in root form fields *
Crash reading invalid XFDF forms * Crashes with non-conforming inputs
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 23 2022 Robert Scheck <robert(a)fedoraproject.org> 3.3.3-1
- Upgrade to 3.3.3 (#2129183)
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.3.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jul 8 2022 Jiri Vanek <jvanek(a)redhat.com> - 3.3.2-4
- Rebuilt for Drop i686 JDKs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2129183 - pdftk-java-3.3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2129183
--------------------------------------------------------------------------------
================================================================================
pgadmin4-6.12-6.fc36 (FEDORA-2022-da51c253f9)
Administration tool for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Fix pgAdmin failing to start.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Sandro Mani <manisandro(a)gmail.com> - 6.12-6
- Drop pgadmin4-socketio.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128264 - pgadmin4-qt stopped launch
https://bugzilla.redhat.com/show_bug.cgi?id=2128264
--------------------------------------------------------------------------------
================================================================================
pipewire-0.3.58-3.fc36 (FEDORA-2022-51e792bef7)
Media Sharing Server
--------------------------------------------------------------------------------
Update Information:
Add patch to fix ffmpeg capture and other stutterings.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Wim Taymans <wtaymans(a)redhat.com> - 0.3.58-3
- Add patch to fix ffmpeg capture and other stutterings.
--------------------------------------------------------------------------------
================================================================================
podman-4.2.1-2.fc36 (FEDORA-2022-29c1ba1101)
Manage Pods, Containers and Container Images
--------------------------------------------------------------------------------
Update Information:
use correct tarball
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.1-2
- use correct tarball
* Wed Sep 7 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> 4:4.2.1-1
- auto bump to v4.2.1
* Mon Sep 5 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-11
- update license for debbuild
* Fri Aug 26 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-10
- Packit: remove files installed by unreleased versions
* Wed Aug 24 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-9
- use tmpfilesdir macro
* Wed Aug 24 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-8
- account for upcoming /usr/lib/user-tmpfiles.d/podman-docker.conf in
podman-docker
* Wed Aug 24 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-7
- account for upcoming tmpfilesdir/podman-docker.conf
* Mon Aug 22 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-6
- install systemd units for debbuild
* Fri Aug 19 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-5
- Attempt to fix debian 11 and ubuntu 18.04, 20.04
* Wed Aug 17 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-4
- use easier tag macros to make both fedora and debbuild happy
* Tue Aug 16 2022 Lokesh Mandvekar <lsm5(a)fedoraproject.org> 4:4.2.0-3
- Fix debbuild maintainer issue
--------------------------------------------------------------------------------
================================================================================
python-flask-compress-1.13-1.fc36 (FEDORA-2022-bc9c969bbb)
Compress responses in your Flask app with gzip or brotli
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.13
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 22 2022 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 1.13-1
- New upstream's release
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.12-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint(a)redhat.com> - 1.12-2
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
================================================================================
python3.6-3.6.15-11.fc36 (FEDORA-2022-a2be4bd5d8)
Version 3.6 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2021-28861
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 14 2022 Lum��r Balhar <lbalhar(a)redhat.com> - 3.6.15-11
- Fix for CVE-2021-28861
Resolves: rhbz#2120785
* Wed Jul 20 2022 Charalampos Stratakis <cstratak(a)redhat.com> - 3.6.15-10
- Fix test_tarfile on ppc64le
Resolves: rhbz#2109120
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2120785 - CVE-2021-28861 python3.6: python: an open redirection vulnerability
in lib/http/server.py may lead to information disclosure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2120785
--------------------------------------------------------------------------------