The following Fedora 38 Security updates need testing: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c92be0dfa0 389-ds-base-2.3.5-1.fc38 6 https://bodhi.fedoraproject.org/updates/FEDORA-2023-15b3e80753 grpc-1.48.4-8.fc38 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-6cfe7492c1 aerc-0.15.2-1.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-a004ecb3f8 kitty-0.29.1-1.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-364ae10761 mingw-qt6-qtbase-6.5.1-2.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-04243a1845 iperf3-3.14-1.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-5ead27b6d2 mingw-qt5-qtbase-5.15.10-2.fc38
The following Fedora 38 Critical Path updates have yet to be approved: Age URL 77 https://bodhi.fedoraproject.org/updates/FEDORA-2023-fb366d5ed5 binutils-2.39-12.fc38 19 https://bodhi.fedoraproject.org/updates/FEDORA-2023-cd974cf0a2 ostree-2023.5-2.fc38 10 https://bodhi.fedoraproject.org/updates/FEDORA-2023-c92be0dfa0 389-ds-base-2.3.5-1.fc38 9 https://bodhi.fedoraproject.org/updates/FEDORA-2023-eb3a5a88bd debugedit-5.0-9.fc38 6 https://bodhi.fedoraproject.org/updates/FEDORA-2023-40b1810728 libqalculate-4.7.0-1.fc38 qalculate-gtk-4.7.0-1.fc38 qalculate-qt-4.7.0-1.fc38 4 https://bodhi.fedoraproject.org/updates/FEDORA-2023-1f5693e960 papirus-icon-theme-20230601-1.fc38 3 https://bodhi.fedoraproject.org/updates/FEDORA-2023-18269425be libtpms-0.9.6-2.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-d1a92108eb annobin-12.20-2.fc38 1 https://bodhi.fedoraproject.org/updates/FEDORA-2023-e045d5a481 libmediainfo-23.07-1.fc38 mediaconch-23.07-1.fc38 mediainfo-23.07-1.fc38 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-a6ea4ed528 glib2-2.76.4-3.fc38 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-90047b70d3 osinfo-db-20230719-1.fc38 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-7d5d497dd4 tracker-3.5.3-2.fc38 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-75af649677 cmake-3.27.0-1.fc38 0 https://bodhi.fedoraproject.org/updates/FEDORA-2023-3cf9ecc200 pungi-4.4.0-3.fc38
The following builds have been pushed to Fedora 38 updates-testing
bind-9.18.17-1.fc38 bind-dyndb-ldap-11.10-19.fc38 bind9-next-9.19.15-2.fc38 curl-8.0.1-3.fc38 fedora-license-data-1.26-1.fc38 freeipa-4.10.2-1.fc38 golang-github-valyala-fasthttp-1.48.0-5.fc38 kernel-6.4.4-200.fc38 kernel-headers-6.4.4-200.fc38 kernel-tools-6.4.4-200.fc38 libkrun-1.5.0-4.fc38 libopenmpt-0.6.11-1.fc38 linux-system-roles-1.47.0-1.fc38 mingw-adwaita-icon-theme-44.0-1.fc38 msitools-0.102-1.fc38 osbuild-90-1.fc38 php-mockery-1.6.4-1.fc38 python-xarray-2023.7.0-1.fc38 rust-gix-command-0.2.7-1.fc38 rust-kvm-ioctls-0.14.0-1.fc38 rust-sha-1-0.10.1-3.fc38 rust-sha-1_0.9-0.9.8-5.fc38 rust-sha1-0.10.5-3.fc38 rust-sha1-asm-0.5.1-1.fc38 rust-vhost-0.8.1-1.fc38 rust-vhost-user-backend-0.10.0-1.fc38 rust-virtio-bindings-0.2.1-1.fc38 rust-virtio-queue-0.9.0-1.fc38 rust-vm-memory-0.12.0-1.fc38 samba-4.18.5-0.fc38 skopeo-1.13.1-1.fc38 tint2-17.0.2-1.fc38 virtiofsd-1.7.0-2.fc38 xdg-dbus-proxy-0.1.4-2.fc38
Details about builds:
================================================================================ bind-9.18.17-1.fc38 (FEDORA-2023-c6fcb533f5) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information:
# Notes for BIND 9.18.17 ## Feature Changes - If a response from an authoritative server has its RCODE set to FORMERR and contains an echoed EDNS COOKIE option that was present in the query, named now retries sending the query to the same server without an EDNS COOKIE option. [GL #4049] - The relaxed QNAME minimization mode now uses NS records. This reduces the number of queries named makes when resolving, as it allows the non-existence of NS RRsets at non- referral nodes to be cached in addition to the normally cached referrals. [GL #3325] ## Bug Fixes - The ability to read HMAC-MD5 key files, which was accidentally lost in BIND 9.18.8, has been restored. [GL #3668] [GL #4154] - Several minor stability issues with the catalog zone implementation have been fixed. [GL #4132] [GL #4136] [GL #4171] source: [upstream release notes](https: //downloads.isc.org/isc/bind9/9.18.17/doc/arm/html/notes.html#notes-for- bind-9-18-17) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Petr Men����k pemensik@redhat.com - 32:9.18.17-1 - Update to 9.18.17 (#2223913) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2223913 - bind-9.18.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=2223913 --------------------------------------------------------------------------------
================================================================================ bind-dyndb-ldap-11.10-19.fc38 (FEDORA-2023-c6fcb533f5) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information:
# Notes for BIND 9.18.17 ## Feature Changes - If a response from an authoritative server has its RCODE set to FORMERR and contains an echoed EDNS COOKIE option that was present in the query, named now retries sending the query to the same server without an EDNS COOKIE option. [GL #4049] - The relaxed QNAME minimization mode now uses NS records. This reduces the number of queries named makes when resolving, as it allows the non-existence of NS RRsets at non- referral nodes to be cached in addition to the normally cached referrals. [GL #3325] ## Bug Fixes - The ability to read HMAC-MD5 key files, which was accidentally lost in BIND 9.18.8, has been restored. [GL #3668] [GL #4154] - Several minor stability issues with the catalog zone implementation have been fixed. [GL #4132] [GL #4136] [GL #4171] source: [upstream release notes](https: //downloads.isc.org/isc/bind9/9.18.17/doc/arm/html/notes.html#notes-for- bind-9-18-17) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Petr Men����k pemensik@redhat.com - 11.10-19 - Rebuild for BIND 9.18.17 (#2223913) * Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 11.10-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2223913 - bind-9.18.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=2223913 --------------------------------------------------------------------------------
================================================================================ bind9-next-9.19.15-2.fc38 (FEDORA-2023-90218bff5c) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information:
# Notes for BIND 9.19.15 ## Feature Changes - The relaxed QNAME minimization mode now uses NS records. This reduces the number of queries named makes when resolving, as it allows the non-existence of NS RRsets at non-referral nodes to be cached in addition to the normally cached referrals. [GL #3325] ## Bug Fixes - The ability to read HMAC-MD5 key files, which was accidentally lost in BIND 9.19.6 and BIND 9.18.8, has been restored. [GL #3668] [GL #4154] - Several minor stability issues with the catalog zone implementation have been fixed. [GL #4132] [GL #4136] [GL #4171] -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Petr Men����k pemensik@redhat.com - 32:9.19.15-2 - Remove --enable-fixed-rrset flag * Thu Jul 20 2023 Petr Men����k pemensik@redhat.com - 32:9.19.15-1 - Update to 9.19.15 (rhbz#2216463) * Wed Jul 19 2023 Fedora Release Engineering releng@fedoraproject.org - 32:9.19.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Jun 26 2023 Petr Men����k pemensik@redhat.com - 32:9.19.14-1 - Update to 9.19.14 (#2216463) --------------------------------------------------------------------------------
================================================================================ curl-8.0.1-3.fc38 (FEDORA-2023-6139d4e088) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information:
- fix fopen race condition (CVE-2023-32001) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Jan Macku jamacku@redhat.com - 8.0.1-3 - fix fopen race condition (CVE-2023-32001) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2223893 - CVE-2023-32001 curl: fopen race condition [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2223893 --------------------------------------------------------------------------------
================================================================================ fedora-license-data-1.26-1.fc38 (FEDORA-2023-4a1f15758d) Fedora Linux license data -------------------------------------------------------------------------------- Update Information:
- add not-allowed LicenseRef-verbatim - Add Apache-2.0 WITH Swift-exception - document timing of releases - mark HPND-sell-variant as variant of MIT in legacy system - Add source-highlight public domain delcarations - Add usage note for CC0-1.0 addressing liboqs issue - Add gdb/GNU libiberty public domain delcarations - Add CFITSIO license - add licenses *GPL*WITH Linux-syscall-note -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Miroslav Such�� msuchy@redhat.com 1.26-1 - add not-allowed LicenseRef-verbatim - Add Apache-2.0 WITH Swift-exception - document timing of releases - mark HPND-sell-variant as variant of MIT in legacy system - Add source-highlight public domain delcarations - Add usage note for CC0-1.0 addressing liboqs issue - Add gdb/GNU libiberty public domain delcarations - Add CFITSIO license - add licenses *GPL*WITH Linux-syscall-note * Thu Jul 6 2023 Miroslav Such�� msuchy@redhat.com 1.25-1 - Add legacy attributes to HP-1986 - variant of legacy MIT license - Add dtoa - Add MulanPSL-2.0 - Add Boehm-GC - add LLGPL - public-domain-text.txt: Add a perl-Barcode-Code128 dedication - Add new file: GPL-2.0-only_WITH_Asterisk-exception --------------------------------------------------------------------------------
================================================================================ freeipa-4.10.2-1.fc38 (FEDORA-2023-95e3fe4d76) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information:
FreeIPA 4.10.2, rebuilt against krb5 1.21. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Alexander Bokovoy abokovoy@redhat.com - 4.10.2-1 - Upstream release FreeIPA 4.10.2 - Synchronize patches with CentOS 9 Stream * Tue Jul 18 2023 Alexander Bokovoy abokovoy@redhat.com - 4.10.1-5 - Rebuild against krb5 1.21 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2182685 - Tolerate absence of PAC ticket signature depending of domain and servers capabilities [rawhide,f38] https://bugzilla.redhat.com/show_bug.cgi?id=2182685 --------------------------------------------------------------------------------
================================================================================ golang-github-valyala-fasthttp-1.48.0-5.fc38 (FEDORA-2023-38596e824b) Fast HTTP package -------------------------------------------------------------------------------- Update Information:
Update to 1.48.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Robert-Andr�� Mauchin zebob.m@gmail.com - 1.48.0-1 - Update to 1.48.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2178955 - golang-github-valyala-fasthttp-1.46.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2178955 --------------------------------------------------------------------------------
================================================================================ kernel-6.4.4-200.fc38 (FEDORA-2023-e4e985b5dd) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 6.4.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Justin M. Forbes jforbes@fedoraproject.org [6.4.4-0] - move ownership of /lib/modules/<ver>/ to kernel-core (Thorsten Leemhuis) - Let kernel-modules-core own the files depmod generates. (Thorsten Leemhuis) - Add more bugs fixed in 6.4.4 (Justin M. Forbes) - Add some bugs to be fixed in 6.4.4 (Justin M. Forbes) - Add kunit configs for 6.4.4 (Justin M. Forbes) - Add hid-uclogic-test to mod-internal.list (Thorsten Leemhuis) - Add input_test to mod-intenal.list (Thorsten Leemhuis) - fedora: wifi: tweak ZYDAS WiFI config options (Peter Robinson) - Fix module filters for aarch64 and ppc (Justin M. Forbes) - Fix up some config mismatches (Justin M. Forbes) - Linux v6.4.4 * Tue Jul 11 2023 Justin M. Forbes jforbes@fedoraproject.org [6.4.3-0] - drm/amd: Don't try to enable secure display TA multiple times (Mario Limonciello) - drm/amdgpu: fix number of fence calculations (Christian K��nig) - drm/amdgpu: check RAS irq existence for VCN/JPEG (Tao Zhou) - drm/amd/pm: add abnormal fan detection for smu 13.0.0 (Kenneth Feng) - drm/amdgpu/sdma4: set align mask to 255 (Alex Deucher) - drm/amd/pm: revise the ASPM settings for thunderbolt attached scenario (Evan Quan) - drm/amdgpu: Skip mark offset for high priority rings (Jiadong Zhu) - drm/amdgpu: make sure that BOs have a backing store (Christian K��nig) - drm/amdgpu: make sure BOs are locked in amdgpu_vm_get_memory (Christian K��nig) - Linux 6.4.3 (Greg Kroah-Hartman) - fork: lock VMAs of the parent process when forking (Suren Baghdasaryan) - bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page (Liu Shixin) - mm: call arch_swap_restore() from do_swap_page() (Peter Collingbourne) - mm: lock newly mapped VMA with corrected ordering (Hugh Dickins) - mm: lock newly mapped VMA which can be modified after it becomes visible (Suren Baghdasaryan) - mm: lock a vma before stack expansion (Suren Baghdasaryan) - fedora: arm: some minor updates (Peter Robinson) - fedora: bluetooth: enable AOSP extensions (Peter Robinson) - Fix up buildReqs for UKI (Justin M. Forbes) - mm: disable CONFIG_PER_VMA_LOCK until its fixed (Suren Baghdasaryan) - fork: lock VMAs of the parent process when forking (Suren Baghdasaryan) - Turn on NET_VENDOR_QUALCOMM so that rmnet builds (Justin M. Forbes) - Fix missing rhel config (Justin M. Forbes) - Linux v6.4.3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() https://bugzilla.redhat.com/show_bug.cgi?id=2220892 [ 2 ] Bug #2220893 - CVE-2023-31248 kernel: nf_tables: use-after-free in nft_chain_lookup_byid() https://bugzilla.redhat.com/show_bug.cgi?id=2220893 --------------------------------------------------------------------------------
================================================================================ kernel-headers-6.4.4-200.fc38 (FEDORA-2023-e4e985b5dd) Header files for the Linux kernel for use by glibc -------------------------------------------------------------------------------- Update Information:
The 6.4.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Justin M. Forbes jforbes@fedoraproject.org - 6.4.4-200 - Linux v6.4.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() https://bugzilla.redhat.com/show_bug.cgi?id=2220892 [ 2 ] Bug #2220893 - CVE-2023-31248 kernel: nf_tables: use-after-free in nft_chain_lookup_byid() https://bugzilla.redhat.com/show_bug.cgi?id=2220893 --------------------------------------------------------------------------------
================================================================================ kernel-tools-6.4.4-200.fc38 (FEDORA-2023-e4e985b5dd) Assortment of tools for the Linux kernel -------------------------------------------------------------------------------- Update Information:
The 6.4.4 stable kernel rebase contains additional hardware support, new features, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Justin M. Forbes jforbes@fedoraproject.org - 6.4.4-200 - Linux v6.4.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() https://bugzilla.redhat.com/show_bug.cgi?id=2220892 [ 2 ] Bug #2220893 - CVE-2023-31248 kernel: nf_tables: use-after-free in nft_chain_lookup_byid() https://bugzilla.redhat.com/show_bug.cgi?id=2220893 --------------------------------------------------------------------------------
================================================================================ libkrun-1.5.0-4.fc38 (FEDORA-2023-5167ce8181) Dynamic library providing Virtualization-based process isolation capabilities -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Sergio Lopez slp@redhat.com - 1.5.0-4 - Update license specification to conform SPDX format * Wed Jul 19 2023 Sergio Lopez slp@redhat.com - 1.5.0-3 - Update vm-memory requirement to version 0.12.0 - Update kvm-ioctls requirement to version 0.14.0 - Add a temporary patch to accomodate an API change in kvm-ioctls --------------------------------------------------------------------------------
================================================================================ libopenmpt-0.6.11-1.fc38 (FEDORA-2023-5f840297cb) C/C++ library to decode tracker music module (MOD) files -------------------------------------------------------------------------------- Update Information:
Update from 0.6.10 to 0.6.11: https://lib.openmpt.org/libopenmpt/2023/06/18/security- updates-0.7.2-0.6.11-0.5.25-release-0.4.37/ -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Michael Schwendt mschwendt@fedoraproject.org - 0.6.11-1 - update to 0.6.11 * Thu Jul 20 2023 Fedora Release Engineering releng@fedoraproject.org - 0.6.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ linux-system-roles-1.47.0-1.fc38 (FEDORA-2023-9817b3faaf) Set of interfaces for unified system management -------------------------------------------------------------------------------- Update Information:
Automatic update for linux-system-roles-1.47.0-1.fc38. ##### **Changelog for linux-system-roles** ``` * Thu Jul 20 2023 Packit hello@packit.dev - 1.47.0-1 - Update to upstream version 1.47.0 ``` -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Packit hello@packit.dev - 1.47.0-1 - Update to upstream version 1.47.0 --------------------------------------------------------------------------------
================================================================================ mingw-adwaita-icon-theme-44.0-1.fc38 (FEDORA-2023-8f7eb06a7a) Adwaita icon theme for MingGW -------------------------------------------------------------------------------- Update Information:
New release v0.102 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 21 2023 Sandro Mani manisandro@gmail.com - 44.0-1 - Update to 44.0 --------------------------------------------------------------------------------
================================================================================ msitools-0.102-1.fc38 (FEDORA-2023-8f7eb06a7a) Windows Installer tools -------------------------------------------------------------------------------- Update Information:
New release v0.102 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 20 2023 Marc-Andr�� Lureau marcandre.lureau@redhat.com - 0.102-1 - New release v0.102 * Thu Jan 19 2023 Fedora Release Engineering releng@fedoraproject.org - 0.101.32-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 0.101.32-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon May 9 2022 Richard Hughes rhughes@redhat.com - 0.101.32-5 - Fix tests with latest adwaita-icon-theme. * Fri May 6 2022 Richard Hughes rhughes@redhat.com - 0.101.32-4 - Backport a patch so wixl-heat can work with glib as-shiped in F36. --------------------------------------------------------------------------------
================================================================================ osbuild-90-1.fc38 (FEDORA-2023-d53609a4b9) A build system for OS images -------------------------------------------------------------------------------- Update Information:
Automatic update for osbuild-90-1.fc38. ##### **Changelog for osbuild** ``` * Wed Jul 19 2023 Packit hello@packit.dev - 90-1 Changes with 90 ---------------- * .gitlab-ci.yml: Run rpmbuild for Fedora 39 (#1344) * Expand `sysconfig` stage with `livesys` and `desktop` (#1345) * Schutzfile: Fix f38 snapshot references (#1347) * org.osbuild.rpm: Add some context to rpmkeys failure (#1244) * runners: Asahi Fedora Remix to Fedora Asahi Remix (#1338) * stage: anaconda, allow access to more config (#1320) * stages/rpm: chmod `machine-id` to 0444 (#1342) * stages/squashfs: add support for zstd compression (#1232) * stages: add openscap autotailor stage (#1336) * test/data: introduce UKI also for CentOS Stream (#1233) Contributions from: Brian C. Lane, Eric Curtin, Gianluca Zuccarelli, Ond��ej Budai, Simon de Vlieger ��� Somewhere on the Internet, 2023-07-19 ``` -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Packit hello@packit.dev - 90-1 Changes with 90 ---------------- * .gitlab-ci.yml: Run rpmbuild for Fedora 39 (#1344) * Expand `sysconfig` stage with `livesys` and `desktop` (#1345) * Schutzfile: Fix f38 snapshot references (#1347) * org.osbuild.rpm: Add some context to rpmkeys failure (#1244) * runners: Asahi Fedora Remix to Fedora Asahi Remix (#1338) * stage: anaconda, allow access to more config (#1320) * stages/rpm: chmod `machine-id` to 0444 (#1342) * stages/squashfs: add support for zstd compression (#1232) * stages: add openscap autotailor stage (#1336) * test/data: introduce UKI also for CentOS Stream (#1233)
Contributions from: Brian C. Lane, Eric Curtin, Gianluca Zuccarelli, Ond��ej Budai, Simon de Vlieger
��� Somewhere on the Internet, 2023-07-19 --------------------------------------------------------------------------------
================================================================================ php-mockery-1.6.4-1.fc38 (FEDORA-2023-8a4c83c463) Mockery is a simple but flexible PHP mock object framework -------------------------------------------------------------------------------- Update Information:
**Version 1.6.4** (2023-07-19) * [#1308: Changelog v1.6.4](https://github.com/mockery/mockery/pull/1308) * [#1307: Revert `src` to `library` for `1.6.x`](https://github.com/mockery/mockery/pull/1307) ---- **Version 1.6.3** (2023-07-18) * [#1304: Remove `extra.branch-alias` and update composer information](https://github.com/mockery/mockery/pull/1304) * [#1303: Update `.gitattributes`](https://github.com/mockery/mockery/pull/1303) * [#1302: Changelog v1.6.3](https://github.com/mockery/mockery/pull/1302) * [#1301: Fix mocking classes with `new` initializers in method and attribute params on PHP 8.1](https://github.com/mockery/mockery/pull/1301) * [#1298: Update default repository branch to latest release branch](https://github.com/mockery/mockery/issues/1298) * [#1297: Update `Makefile` for contributors](https://github.com/mockery/mockery/pull/1297) * [#1294: Correct return types of Mock for phpstan](https://github.com/mockery/mockery/pull/1294) * [#1290: Rename directory `library` to `src`](https://github.com/mockery/mockery/pull/1290) * [#1288: Update codecov workflow](https://github.com/mockery/mockery/pull/1288) * [#1287: Update psalm configuration and workflow](https://github.com/mockery/mockery/pull/1287) * [#1286: Update phpunit workflow](https://github.com/mockery/mockery/pull/1286) * [#1285: Enforce the minimum required PHP version](https://github.com/mockery/mockery/pull/1285) * [#1283: Update license and copyright information](https://github.com/mockery/mockery/pull/1283) * [#1282: Create `COPYRIGHT.md` file](https://github.com/mockery/mockery/pull/1282) * [#1279: Bump `vimeo/psalm` from `5.9.0` to `5.12.0`](https://github.com/mockery/mockery/pull/1279) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Remi Collet remi@remirepo.net - 1.6.4-1 - update to 1.6.4 * Wed Jul 19 2023 Remi Collet remi@remirepo.net - 1.6.3-1 - update to 1.6.3 --------------------------------------------------------------------------------
================================================================================ python-xarray-2023.7.0-1.fc38 (FEDORA-2023-6815247775) N-D labeled arrays and datasets in Python -------------------------------------------------------------------------------- Update Information:
Update to latest version (#2208416) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Elliott Sales de Andrade quantum.analyst@gmail.com - 2023.7.0-1 - Update to latest version (#2208416) * Wed Jul 19 2023 Elliott Sales de Andrade quantum.analyst@gmail.com - 2023.4.2-3 - Rebuild for Python 3.12b4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2208416 - python-xarray-2023.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2208416 --------------------------------------------------------------------------------
================================================================================ rust-gix-command-0.2.7-1.fc38 (FEDORA-2023-c844a9afd5) Handle gitoxide internal git command execution -------------------------------------------------------------------------------- Update Information:
Update to version 0.2.7 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 blinxen h-k-81@hotmail.com - 0.2.7-1 - Update to version 0.2.7 (rhbz#2223899) * Wed Jul 5 2023 blinxen h-k-81@hotmail.com - 0.2.6-1 - Initial package --------------------------------------------------------------------------------
================================================================================ rust-kvm-ioctls-0.14.0-1.fc38 (FEDORA-2023-5167ce8181) Safe wrappers over KVM ioctls -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 12 2023 Sergio Lopez slp@redhat.com - 0.14.0-1 - Update to version 0.14.0 - Regenerate with rust2rpm 24 --------------------------------------------------------------------------------
================================================================================ rust-sha-1-0.10.1-3.fc38 (FEDORA-2023-67d54661b1) SHA-1 hash function -------------------------------------------------------------------------------- Update Information:
- Enable features for using hand-tuned assembly implementations of SHA-1 in the packages for the sha1 and sha-1 crates (only available on x86 and aarch64). - Initial packaging of the sha1-asm crate. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Fabio Valentini decathorpe@gmail.com - 0.10.1-3 - Enable feature for using optimized assembly implementations --------------------------------------------------------------------------------
================================================================================ rust-sha-1_0.9-0.9.8-5.fc38 (FEDORA-2023-67d54661b1) SHA-1 hash function -------------------------------------------------------------------------------- Update Information:
- Enable features for using hand-tuned assembly implementations of SHA-1 in the packages for the sha1 and sha-1 crates (only available on x86 and aarch64). - Initial packaging of the sha1-asm crate. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Fabio Valentini decathorpe@gmail.com - 0.9.8-5 - Enable feature for using optimized assembly implementations * Wed Jun 14 2023 Fabio Valentini decathorpe@gmail.com - 0.9.8-4 - Regenerate with rust2rpm v24 --------------------------------------------------------------------------------
================================================================================ rust-sha1-0.10.5-3.fc38 (FEDORA-2023-67d54661b1) SHA-1 hash function -------------------------------------------------------------------------------- Update Information:
- Enable features for using hand-tuned assembly implementations of SHA-1 in the packages for the sha1 and sha-1 crates (only available on x86 and aarch64). - Initial packaging of the sha1-asm crate. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Fabio Valentini decathorpe@gmail.com - 0.10.5-3 - Enable feature for using optimized assembly implementations --------------------------------------------------------------------------------
================================================================================ rust-sha1-asm-0.5.1-1.fc38 (FEDORA-2023-67d54661b1) Assembly implementation of SHA-1 compression function -------------------------------------------------------------------------------- Update Information:
- Enable features for using hand-tuned assembly implementations of SHA-1 in the packages for the sha1 and sha-1 crates (only available on x86 and aarch64). - Initial packaging of the sha1-asm crate. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Fabio Valentini decathorpe@gmail.com - 0.5.1-1 - Initial import (#2223624) --------------------------------------------------------------------------------
================================================================================ rust-vhost-0.8.1-1.fc38 (FEDORA-2023-5167ce8181) Pure rust library for vdpa, vhost and vhost-user -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 18 2023 Sergio Lopez slp@redhat.com - 0.8.1-1 - Update to version 0.8.1 - Drop no longer needed temporary patch * Wed Jul 12 2023 Sergio Lopez slp@redhat.com - 0.8.0-1 - Update to version 0.8.0 - Regenerate with rust2rpm 24 - Add a temporary patch for fix a dependency problem --------------------------------------------------------------------------------
================================================================================ rust-vhost-user-backend-0.10.0-1.fc38 (FEDORA-2023-5167ce8181) Framework to build vhost-user backend service daemon -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 14 2023 Sergio Lopez slp@redhat.com - 0.10.0-1 - Update to version 0.10.0 - Regenerate with rust2rpm 24 - Drop no longer need patch downgrading nix dependency --------------------------------------------------------------------------------
================================================================================ rust-virtio-bindings-0.2.1-1.fc38 (FEDORA-2023-5167ce8181) Rust FFI bindings to virtio generated using bindgen -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 12 2023 Sergio Lopez slp@redhat.com - 0.2.1-1 - Update to version 0.2.1 - Regenerate with rust2rpm 24 - Add out-of-crate license files --------------------------------------------------------------------------------
================================================================================ rust-virtio-queue-0.9.0-1.fc38 (FEDORA-2023-5167ce8181) Virtio queue implementation -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 12 2023 Sergio Lopez slp@redhat.com - 0.9.0-1 - Update to version 0.9.0 - Regenerate with rust2rpm 24 --------------------------------------------------------------------------------
================================================================================ rust-vm-memory-0.12.0-1.fc38 (FEDORA-2023-5167ce8181) Safe abstractions for accessing the VM physical memory -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 12 2023 Sergio Lopez slp@redhat.com - 0.12.0-1 - Update to version 0.12.0 --------------------------------------------------------------------------------
================================================================================ samba-4.18.5-0.fc38 (FEDORA-2023-76c06c8576) Server and Client software to interoperate with Windows machines -------------------------------------------------------------------------------- Update Information:
Update to version 4.18.5, Security fixes for CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967 and CVE-2023-34968 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Guenther Deschner gdeschner@redhat.com - 4.18.5-0 - resolves: #2224040 - Update to version 4.18.5 - resolves: #2222791, #2224254 - Security fix for CVE-2022-2127 - resolves: #2222792, #2224255 - Security fix for CVE-2023-3347 - resolves: #2222793, #2224253 - Security fix for CVE-2023-34966 - resolves: #2222794, #2224252 - Security fix for CVE-2023-34967 - resolves: #2222795, #2224250 - Security fix for CVE-2023-34968 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2222791 - CVE-2022-2127 samba: out-of-bounds read in winbind AUTH_CRAP https://bugzilla.redhat.com/show_bug.cgi?id=2222791 [ 2 ] Bug #2222792 - CVE-2023-3347 samba: SMB2 packet signing is not enforced when "server signing = required" is set https://bugzilla.redhat.com/show_bug.cgi?id=2222792 [ 3 ] Bug #2222793 - CVE-2023-34966 samba: infinite loop in mdssvc RPC service for spotlight https://bugzilla.redhat.com/show_bug.cgi?id=2222793 [ 4 ] Bug #2222794 - CVE-2023-34967 samba: type confusion in mdssvc RPC service for spotlight https://bugzilla.redhat.com/show_bug.cgi?id=2222794 [ 5 ] Bug #2222795 - CVE-2023-34968 samba: spotlight server-side share path disclosure https://bugzilla.redhat.com/show_bug.cgi?id=2222795 --------------------------------------------------------------------------------
================================================================================ skopeo-1.13.1-1.fc38 (FEDORA-2023-9d1fd08330) Inspect container images and repositories on registries -------------------------------------------------------------------------------- Update Information:
bump to v1.13.1 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Lokesh Mandvekar lsm5@fedoraproject.org - 1:1.13.1-1 - bump to v1.13.1 --------------------------------------------------------------------------------
================================================================================ tint2-17.0.2-1.fc38 (FEDORA-2023-aad0474239) A lightweight X11 desktop panel and task manager -------------------------------------------------------------------------------- Update Information:
- See https://bugzilla.redhat.com/show_bug.cgi?id=2222070 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 20 2023 Leigh Scott leigh123linux@gmail.com - 1:17.0.2-1 - Revert back to 17.0.2 * Tue Jul 18 2023 Leigh Scott leigh123linux@gmail.com - 17.1.3-3 - Fix rhbz#2222070 * Tue Jun 13 2023 Leigh Scott leigh123linux@gmail.com - 17.1.3-2 - Rebuild fo new imlib2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2222070 - tint2 on F38 has been broken for a while, but there's a patch to fix it https://bugzilla.redhat.com/show_bug.cgi?id=2222070 --------------------------------------------------------------------------------
================================================================================ virtiofsd-1.7.0-2.fc38 (FEDORA-2023-5167ce8181) Virtio-fs vhost-user device daemon (Rust version) -------------------------------------------------------------------------------- Update Information:
Update rust-vmm packages and their consumers (virtiofsd and libkrun) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Sergio Lopez slp@redhat.com - 1.7.0-2 - Update license specification to conform SPDX format * Tue Jul 18 2023 Sergio Lopez slp@redhat.com - 1.7.0-1 - Update to version 1.7.0 - Drop no longer needed temporary patch * Tue May 9 2023 Sergio Lopez slp@redhat.com - 1.5.1-3 - Only use Obsoletes/Provides on Fedora 39 and later * Wed Apr 26 2023 Daniel P. Berrang�� berrange@redhat.com - 1.5.1-2 - Add Obsoletes/Provides for qemu-virtiofsd to get an upgrade path (rhbz #2189368) --------------------------------------------------------------------------------
================================================================================ xdg-dbus-proxy-0.1.4-2.fc38 (FEDORA-2023-d8b74a0b46) Filtering proxy for D-Bus connections -------------------------------------------------------------------------------- Update Information:
This update fixes a bug which caused Flatpak applications to lose access to D-Bus, in certain circumstances. ---- This update fixes a number of bugs that occur in uncommon circumstances. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 19 2023 Bastien Nocera bnocera@redhat.com - 0.1.4-2 - Fix D-Bus disconnection when an object path was overly long * Wed Jul 19 2023 Bastien Nocera bnocera@redhat.com - 0.1.4-1 - Update to 0.1.4 --------------------------------------------------------------------------------
test-reports@lists.fedoraproject.org