The following Fedora 36 Security updates need testing:
Age URL
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-164cf7837e
unbound-1.16.3-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d7d49b2fac
postgresql-jdbc-42.3.1-4.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b49c9bc07a
chromium-105.0.5195.125-2.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c8cad41c95 squid-5.7-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-34acf878fb
scala-2.13.9-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-0b77fbd9e7 php-8.1.11-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3793987b02
nodejs-16.17.1-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6744980220
booth-1.0-262.3.d0ac26c.git.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1695454935
php-twig-1.44.7-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1fd94a54a1
nheko-0.10.2-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9d8ee4a6de
php-twig2-2.15.3-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b7dcd1cde4
php-twig3-3.4.3-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15ec504440 expat-2.4.9-1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-784d729f30
gitqlient-1.5.0-2.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-980d492c98
dotnet3.1-3.1.423-1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c0bfe37ae5
python-joblib-1.2.0-1.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
40
https://bodhi.fedoraproject.org/updates/FEDORA-2022-610322a65f ipset-7.15-5.fc36
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1d26b49e2b
mtools-4.0.41-1.fc36
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9ea05d4c5e
edk2-20220826gitba0e0e4c6a17-1.fc36
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-164cf7837e
unbound-1.16.3-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ad74183245
libbluray-1.3.3-1.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fbb55c3cf8
shadow-utils-4.11.1-5.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3feab163aa
tzdata-2022d-1.fc36
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2d8d4e23a9 rsync-3.2.6-2.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-15ec504440 expat-2.4.9-1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f09bd60ec1
ansible-packaging-1-8.1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-0c59a07653
selinux-policy-36.16-1.fc36
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f69bf2f39
openldap-2.6.3-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9e56439c8d
libmaxminddb-1.7.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-02a65e19f3
fontconfig-2.14.0-3.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-48308bc2c4
gdk-pixbuf2-2.42.9-2.fc36
The following builds have been pushed to Fedora 36 updates-testing
FlightGear-2020.3.14-1.fc36
FlightGear-Atlas-0.5.0-0.78.cvs20141002.fc36
FlightGear-data-2020.3.14-1.fc36
SimGear-2020.3.14-1.fc36
apt-2.5.3-1.fc36
copy-jdk-configs-4.1-1.fc36
cups-2.4.2-5.fc36
emacs-popup-0.5.9-1.fc36
exim-4.96-3.fc36
fail2ban-1.0.1-1.fc36
fedora-license-data-1.5-1.fc36
fgrun-2016.3.1-51.fc36
firefox-105.0.1-2.fc36
golang-github-muesli-combinator-0.3.0-1.fc36
golang-howett-plist-1.0.0-2.fc36
hwdata-0.363-1.fc36
icewm-3.0.0-1.fc36
libretro-beetle-pce-fast-0-0.10.20220828gitcc248db.14.fc36
lua-expat-1.4.1-1.fc36
lua-readline-3.2-1.fc36
mmtf-cpp-1.1.0-1.fc36
muParser-2.3.3-2.fc36
pdfbox-2.0.27-1.fc36
perl-JSON-RPC-LWP-0.007-10.fc36
pyproject-rpm-macros-1.4.0-1.fc36
python-google-auth-2.12.0-1.fc36
python-identify-2.5.6-1.fc36
qjackctl-0.9.8-1.fc36
qsynth-0.9.8-1.fc36
rubygem-pdfkit-0.8.7-1.fc36
seamonkey-2.53.14-3.fc36
wimlib-1.13.6-1.fc36
Details about builds:
================================================================================
FlightGear-2020.3.14-1.fc36 (FEDORA-2022-b9f9d4c052)
The FlightGear Flight Simulator
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of FlightGear, the flight simulator.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Fabrice Bellet <fabrice(a)bellet.info> - 2020.3.14-1
- new upstream release
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2020.3.13-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
FlightGear-Atlas-0.5.0-0.78.cvs20141002.fc36 (FEDORA-2022-b9f9d4c052)
Flightgear map tools
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of FlightGear, the flight simulator.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Fabrice Bellet <fabrice(a)bellet.info> - 0.5.0-0.78.cvs20141002
- rebuild with newer SimGear
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.5.0-0.77.cvs20141002
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
FlightGear-data-2020.3.14-1.fc36 (FEDORA-2022-b9f9d4c052)
FlightGear base scenery and data files
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of FlightGear, the flight simulator.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Fabrice Bellet <fabrice(a)bellet.info> - 2020.3.14-1
- new upstream release
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2020.3.13-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
SimGear-2020.3.14-1.fc36 (FEDORA-2022-b9f9d4c052)
Simulation library components
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of FlightGear, the flight simulator.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Fabrice Bellet <fabrice(a)bellet.info> - 2020.3.14-1
- new upstream release
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2020.3.13-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
apt-2.5.3-1.fc36 (FEDORA-2022-e49944afad)
Command-line package manager for Debian packages
--------------------------------------------------------------------------------
Update Information:
Update apt to 2.5.3 (#2130611)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 S��rgio Basto <sergio(a)serjux.com> - 2.5.3-1
- Update apt to 2.5.3 (#2130611)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2130611 - apt-2.5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2130611
--------------------------------------------------------------------------------
================================================================================
copy-jdk-configs-4.1-1.fc36 (FEDORA-2022-e2f64fce8c)
JDKs configuration files copier
--------------------------------------------------------------------------------
Update Information:
Fixing
https://bugzilla.redhat.com/show_bug.cgi?id=2100617
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1-1
- update to attempt to solve bug which could delete empty dirs in /etc
* Wed Sep 28 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1-0
- update to attempt to solve bug which could delete empty dirs in /etc
* Wed Jul 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cups-2.4.2-5.fc36 (FEDORA-2022-23a7d39e5b)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
2066528 - use 'localhost' if the mDNS record shows your local hostname
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.4.2-5
- 2066528 - use 'localhost' if the mDNS record shows your local hostname
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2066528 - Printer hangs after some time when using temp queue from ipp-usb
https://bugzilla.redhat.com/show_bug.cgi?id=2066528
--------------------------------------------------------------------------------
================================================================================
emacs-popup-0.5.9-1.fc36 (FEDORA-2022-6ed929e9b2)
Visual Popup Interface Library for Emacs
--------------------------------------------------------------------------------
Update Information:
Make popup-replace-displayable much faster ([#135](https://github.com/auto-
complete/popup-el/pull/135)).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 0.5.9-1
- Update to 0.5.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131250 - emacs-popup-0.5.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131250
--------------------------------------------------------------------------------
================================================================================
exim-4.96-3.fc36 (FEDORA-2022-40ee7d9a64)
The exim mail transfer agent
--------------------------------------------------------------------------------
Update Information:
This is an update fixing "tainted search query is not properly quoted" for
greylisting.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 12 2022 Marcel H��rry <mh+fedora(a)scrit.ch> - 4.96-3
- Fix "tainted search query is not properly quoted" for greylisting
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2127633 - exim-greylist 4.96 "tainted search query is not properly
quoted"
https://bugzilla.redhat.com/show_bug.cgi?id=2127633
--------------------------------------------------------------------------------
================================================================================
fail2ban-1.0.1-1.fc36 (FEDORA-2022-955a27c4a0)
Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:
Fail2Ban: Changelog =================== ver. 1.0.1 (2022/09/27) - energy-
equals-mass-times-the-speed-of-light-squared ----------- ### Compatibility *
the minimum supported python version is now 2.7, if you have previous python
version you can use the 0.11 version of fail2ban or upgrade python (or even
build it from source). * potential incompatibility by parsing of options of
`backend`, `filter` and `action` parameters (if they are partially incorrect),
because fail2ban could throw an error now (doesn't silently bypass it anymore).
* due to fix for CVE-2021-32749 (GHSA-m985-3f3v-cwmm) the mailing action using
mailutils may require extra configuration, if it is not compatible or doesn't
support `-E 'set escape'` (e. g. with `mailcmd` parameter), see gh-3059 *
automatic invocation of 2to3 is removed in setup now (gh-3098), there is also no
option `--disable-2to3` anymore, `./fail2ban-2to3` should be called outside
before setup * to v.0.11: - due to change of `actioncheck` behavior (gh-488),
some actions can be incompatible as regards the invariant check, if
`actionban` or `actionunban` would not throw an error (exit code different
from 0) in case of unsane environment. - actions that have used tag `<ip>`
(instead of `<fid>` or `<F-ID>`) to get failure-ID may become
incompatible,
if filter uses IP-related tags (like `<ADDR>` or `<HOST>`) additionally to
`<F-ID>` and the values are different (gh-3217) ### Fixes * theoretical RCE
vulnerability in mailing action using mailutils (mail-whois), CVE-2021-32749,
GHSA-m985-3f3v-cwmm * readline fixed to consider interim new-line character as
part of code point in multi-byte logs (e. g. unicode encoding like utf-16be,
utf-16le); * [stability] solves race condition with uncontrolled growth of
failure list (jail with too many matches, that did not cause ban), behavior
changed to ban ASAP, gh-2945 * fixes search for the best datepattern - e. g. if
line is too short, boundaries check for previously known unprecise pattern may
fail on incomplete lines (logging break-off, no flush, etc), gh-3020 *
[stability, performance] backend `systemd`: - fixes error "local variable
'line' referenced before assignment", introduced in 55d7d9e2, gh-3097 -
don't
update database too often (every 10 ticks or ~ 10 seconds in production) -
fixes wrong time point of "in operation" mode, gh-2882 - better avoidance of
landing in dead space by seeks over journals (improved seek to time) - fixes
missing space in message (tag `<matches>`) between timestamp and host if the
message read from systemd journal, gh-3293 * [stability] backend `pyinotify`:
fixes sporadic runtime error "dictionary changed size during iteration" *
several backends optimizations (in file and journal filters): - don't need to
wait if we still had log-entries from last iteration (which got interrupted for
servicing) - rewritten update log/journal position, it is more stable and
faster now (fewer DB access and surely up-to-date at end) * `paths-debian.conf`:
- add debian path to roundcube error logs * `action.d/firewallcmd-*.conf`
(multiport only): fixed port range selector, replacing `:` with `-`;" reverted
the incompatibility gh-3047 introduced in a038fd5, gh-2821, because this depends
now on firewalld backend (e. g. `-` vs. `:` related to `iptables` vs.
`nftables`) * `action.d/nginx-block-map.conf`: reload nginx only if it is
running (also avoid error in nginx-errorlog, gh-2949) * `action.d/ufw.conf`: -
fixed handling on IPv6 (using prepend, gh-2331, gh-3018) - application names
containing spaces can be used now (gh-656, gh-1532, gh-3018) * `filter.d/apache-
fakegooglebot.conf`: - better, more precise regex and datepattern (closes
possible weakness like gh-3013) - `filter.d/ignorecommands/apache-
fakegooglebot` - added timeout parameter (default 55 seconds), avoid fail with
timeout (default 1 minute) by reverse lookup on some slow DNS services
(googlebots must be resolved fast), gh-2951 * `filter.d/apache-overflows.conf` -
extended to match AH00126 error (Invalid URI ...), gh-2908 *
`filter.d/asterisk.conf` - add transport to asterisk RE: call rejection messages
can have the transport prefixed to the IP address, gh-2913 * `filter.d/courier-
auth.conf`: - consider optional port after IP, gh-3211 - regex is rewritten
without catch-all's and right anchor, so it is more stable against further
modifications now * `filter.d/dovecot.conf`: - adjusted for updated dovecot
log format with `read(size=...)` in message (gh-3210) - parse everything in
parenthesis by auth-worker info, e. g. can match (pid=...,uid=...) too (amend to
gh-2553) - extended to match prefix like `conn unix:auth-worker (uid=143):
auth-worker<13247>:` (authenticate from external service like exim), gh-2553
- fixed "Authentication failure" regex, matches "Password mismatch" in
title
case (gh-2880) * `filter.d/drupal-auth.conf` - more strict regex, extended to
match "Login attempt failed from" (gh-2742) * `filter.d/exim-common.conf` -
pid-
prefix extended to match `mx1 exim[...]:` (gh-2553) * `filter.d/lighttpd-
auth.conf` - adjusted to the current source code + avoiding catch-all's, etc
(gh-3116) * `filter.d/named-refused.conf`: - added support for alternate names
(suffix), FreeIPA renames the BIND9 named daemon to named-pkcs11, gh-2636 -
fixes prefix for messages from systemd journal (no mandatory space ahead,
because don't have timestamp), gh-2899 * `filter.d/nginx-*.conf` - added
journalmatch to nginx filters, gh-2935 * `filter.d/nsd.conf` - support for
current log format, gh-2965 * `filter.d/postfix.conf`: fixes and new vectors,
review and combining several regex to single RE: - mode `ddos` (and
`aggressive`) extended: * to consider abusive handling of clients hitting
command limit, gh-3040 * to handle postscreen's PREGREET and HANGUP
messages, gh-2898 - matches rejects with "undeliverable address"
(sender/recipient verification) additionally to "Unknown user", gh-3039
both are configurable now via extended parameter and can be disabled using
`exre-user=` supplied in filter parameters - reject: BDAT/DATA from, gh-2927
- (since regex is more precise now) token selector changed to `[A-Z]{4}`, e. g.
no matter what a command is supplied now (RCPT, EHLO, VRFY, DATA, BDAT or
something else) - matches "Command rejected" and "Data command
rejected" now
- matches RCPT from unknown, 504 5.5.2, need fully-qualified hostname, gh-2995
- matches 550 5.7.25 Client host rejected, gh-2996 * `filter.d/sendmail-
auth.conf`: - detect several "authentication failure" messages, sendmail
8.16.1, gh-2757 - detect user not found, gh-3030 - detect failures without
user part, gh-3324 * `filter.d/sendmail-reject.conf`: - fix reverse DNS for
... (gh-3012) - fixed regex to consider "Connection rate limit exceeded" with
different combination of arguments * `filter.d/sshd.conf`: - mode `ddos`
extended - recognizes messages "kex_exchange_identification: Connection closed /
reset by pear", gh-3086 (fixed possible regression of f77398c) - mode
`ddos` extended - recognizes new message "banner exchange: invalid format"
generated by port scanner (https payload on ssh port), gh-3169 *
`filter.d/zoneminder.conf` - support new log format (ERR instead of WAR), add
detection of non-existent user login attempts, gh-2984 * amend to gh-980 fixing
several actions (correctly supporting new enhancements now) * fixed typo by
`--dump-pretty` option which did never work (only `--dp` was working) * fixes
start of fail2ban-client in docker: speedup daemonization process by huge open
files limit, gh-3334 * provides details of failed regex compilation in the error
message we throw in Regex-constructor (it's good to know what exactly is
wrong) * fixed failed update of database didn't signal with an error, gh-3352:
- client and server exit with error code by failure during start process (in
foreground mode) - added fallback to repair if database cannot be upgraded
### New Features and Enhancements * python 3.10 and 3.11 compatibility (and GHA-
CI support) * `actioncheck` behavior is changed now (gh-488), so invariant check
as well as restore or repair of sane environment (in case of recognized
unsane state) would only occur on action errors (e. g. if ban or unban
operations are exiting with other code as 0) * better recognition of log
rotation, better performance by reopen: avoid unnecessary seek to begin of file
(and hash calculation) * file filter reads only complete lines (ended with new-
line) now, so waits for end of line (for its completion) * datedetector: -
token `%Z` must recognize zone abbreviation `Z` (GMT/UTC) also (similar to `%z`)
- token `%Z` recognizes all known zone abbreviation besides Z, GMT, UTC
correctly, if it is matching (`%z` remains unchanged for backwards-
compatibility, see comment in code) - date patterns `%ExY` and `%Exy` accept
every year from 19xx up to current century (+3 years) in `fail2ban-regex` -
better grouping algorithm for resulting century RE for `%ExY` and `%Exy` *
actions differentiate tags `<ip>` and `<fid>` (`<F-ID>`), if IP-address
deviates
from ID then the value of `<ip>` is not equal `<fid>` anymore (gh-3217) *
action info extended with new members for jail info (usable as tags in command
actions), gh-10: - `<jail.found>`, `<jail.found_total>` - current and total
found failures - `<jail.banned>`, `<jail.banned_total>` - current and total
bans * `filter.d/monitorix.conf` - added new filter and jail for Monitorix,
gh-2679 * `filter.d/mssql-auth.conf` - new filter and jail for Microsoft SQL
Server, gh-2642 * `filter.d/nginx-bad-request.conf` - added filter to find bad
requests (400), gh-2750 * `filter.d/nginx-http-auth.conf` - extended with
parameter mode, so additionally to `auth` (or `normal`) mode `fallback` (or
combined as `aggressive`) can find SSL errors while SSL handshaking, gh-2881 *
`filter.d/scanlogd.conf` - new filter and jail, add support for filtering out
detected port scans via scanlogd, gh-2950 * `action.d/apprise.conf` - added
Apprise support (50+ Notifications), gh-2565 * `action.d/badips.*` - removed
actions,
badips.com is no longer active, gh-2889 * `action.d/cloudflare.conf` -
better IPv6 capability, gh-2891 * `action.d/cloudflare-token.conf` - added
support for Cloudflare Token APIs. This method is more restrictive and
therefore safter than using API Keys. * `action.d/ipthreat.conf` - new action
for IPThreat integration, gh-3349 * `action.d/ufw.conf` (gh-3018): - new
option `add` (default `prepend`), can be supplied as `insert 1` for ufw versions
before v.0.36 (gh-2331, gh-3018) - new options `kill-mode` and `kill` to drop
established connections of intruder (see action for details, gh-3018) *
`iptables` and `iptables-ipset` actions extended to support multiple protocols
with single action for multiport or oneport type (back-ported from nftables
action); * `iptables` actions are more breakdown-safe: start wouldn't fail if
chain or rule already exists (e. g. created by previous instance and doesn't
get purged properly); ultimately closes gh-980 * `ipset` actions are more
breakdown-safe: start wouldn't fail if set with this name already exists (e.
g. created by previous instance and don't deleted properly) * replace internals
of several `iptables` and `iptables-ipset` actions using internals of iptables
include: - better check mechanism (using `-C`, option `--check` is available
long time); - additionally iptables-ipset is a common action for `iptables-
ipset-proto6-*` now (which become obsolete now); - many features of different
iptables actions are combinable as single chain/rule (can be supplied to action
as parameters); - iptables is a replacement for iptables-common now, several
actions using this as include now become obsolete; * new logtarget SYSTEMD-
JOURNAL, gh-1403 * fail2ban.conf: new fail2ban configuration option `allowipv6`
(default `auto`), can be used to allow or disallow IPv6 interface in fail2ban
immediately by start (e. g. if fail2ban starts before network interfaces),
gh-2804 * invalidate IP/DNS caches by reload, so inter alia would allow to
recognize IPv6IsAllowed immediately, previously retarded up to cache max-time
(5m), gh-2804 * OpenRC (Gentoo, mainly) service script improvements, gh-2182 *
suppress unneeded info "Jail is not a JournalFilter instance" (moved to debug
level), gh-3186 * implements new interpolation variable `%(fail2ban_confpath)s`
(automatically substituted from config-reader path, default `/etc/fail2ban`
or `/usr/local/etc/fail2ban` depending on distribution); `ignorecommands_dir` is
unneeded anymore, thus removed from `paths-common.conf`, fixes gh-3005 *
`fail2ban-regex`: accepts filter parameters containing new-line
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 2 2022 Richard Shaw <hobbes1069(a)gmail.com> - 1.0.1-1
- Update to 1.0.1.
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.11.2-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 15 2022 Python Maint <python-maint(a)redhat.com> - 0.11.2-13
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2130834 - fail2ban-1.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2130834
--------------------------------------------------------------------------------
================================================================================
fedora-license-data-1.5-1.fc36 (FEDORA-2022-a050ef7f8d)
Fedora Linux license data
--------------------------------------------------------------------------------
Update Information:
1.5 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 msuchy <msuchy(a)redhat.com> - 1.5-1
- 1.5 release
--------------------------------------------------------------------------------
================================================================================
fgrun-2016.3.1-51.fc36 (FEDORA-2022-b9f9d4c052)
Graphical front-end for launching FlightGear flight simulator
--------------------------------------------------------------------------------
Update Information:
This update provides a new version of FlightGear, the flight simulator.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Fabrice Bellet <fabrice(a)bellet.info> - 2016.3.1-51
- rebuild with newer SimGear
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2016.3.1-50
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
firefox-105.0.1-2.fc36 (FEDORA-2022-363c122092)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
- Fixes menu flickering on Wayland
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2130087 - Firefox cause flickering context menus on websites since 105.1 on
wayland
https://bugzilla.redhat.com/show_bug.cgi?id=2130087
--------------------------------------------------------------------------------
================================================================================
golang-github-muesli-combinator-0.3.0-1.fc36 (FEDORA-2022-37fb271784)
Generates a slice of all possible value combinations for any given struct and a set of
its potential member values
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Anthony Rabbito <hello(a)anthonyrabbito.com> 0.3.0-1
- Initial import (fedora#2120461).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2120461 - Review Request: golang-github-muesli-combinator - Generates a slice
of all possible value combinations for any given struct and a set of its potential member
values
https://bugzilla.redhat.com/show_bug.cgi?id=2120461
--------------------------------------------------------------------------------
================================================================================
golang-howett-plist-1.0.0-2.fc36 (FEDORA-2022-899b1a9ffb)
A pure Go Apple Property List transcoder
--------------------------------------------------------------------------------
Update Information:
Initial import of package
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Anthony Rabbito <hello(a)anthonyrabbito.com> 1.0.0-2
- remove files macro generated by previous go2rpm releases
* Mon Oct 3 2022 Anthony Rabbito <hello(a)anthonyrabbito.com> 1.0.0-1
- Initial import (fedora#2120464).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2120464 - Review Request: golang-howett-plist - A pure Go property list
transcoder
https://bugzilla.redhat.com/show_bug.cgi?id=2120464
--------------------------------------------------------------------------------
================================================================================
hwdata-0.363-1.fc36 (FEDORA-2022-360b1e4ede)
Hardware identification and configuration data
--------------------------------------------------------------------------------
Update Information:
Update pci and vendor ids
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 0.363-1
- Update pci and vendor ids
--------------------------------------------------------------------------------
================================================================================
icewm-3.0.0-1.fc36 (FEDORA-2022-f8f66f2651)
Window manager designed for speed, usability, and consistency
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> 3.0.0-1
- chore(update): 3.0.0
--------------------------------------------------------------------------------
================================================================================
libretro-beetle-pce-fast-0-0.10.20220828gitcc248db.14.fc36 (FEDORA-2022-c37bc2ab72)
Standalone port of Mednafen PCE Fast to libretro
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> 0-14
- chore(update): Latest git snapshot
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
0-0.10.20220205gite880168
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lua-expat-1.4.1-1.fc36 (FEDORA-2022-01d907d54b)
SAX XML parser based on the Expat library
--------------------------------------------------------------------------------
Update Information:
# LuaExpat 1.4.1 * Fix bad buffer size calculation in threat parser #
LuaExpat 1.4.0 * Improved Lua version support (5.1 - 5.4) * Fix memory leak
when callbacks reference a parser object * Expose Expat library version
(lxp._EXPAT_VERSION) * Added `lxp.totable` module * Fix integers being
returned as floats on Lua 5.3+ * Fix `XmlDecl` callback can also return `nil`
for 'standalone' * Many documentation updates * Added triplet namespace
setting (returnnstriplet) * Added `EntityDecl` handler * Added `AttlistDecl`
handler * Added `ElementDecl` handler * Added `SkippedEntity` handler *
Added `EndDoctypeDecl` handler * More tests and new test setup; Busted,
LuaCheck, Github actions * Improved finishing, multiple nil-calls no longer
throw errors * Fix `lxp.lom` to properly handle input as function, table, or
file * Added option for namespace aware parsing to the `lxp.lom` module *
Repository moved to lunarmodules * Added threat protection parser (protects
against excessivly large inputs), with options for the `lxp.lom` and
`lxp.totable` to use it
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Robert Scheck <robert(a)fedoraproject.org> 1.4.1-1
- Upgrade to 1.4.1
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3.0-24
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lua-readline-3.2-1.fc36 (FEDORA-2022-f05bdb9403)
Lua interface to the readline and history libraries
--------------------------------------------------------------------------------
Update Information:
* Update to 3.2 (#2131450) * Upstream change: fix a memory leak in
`readline()`
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Robert Scheck <robert(a)fedoraproject.org> 3.2-1
- Update to 3.2 (#2131450)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131450 - lua-readline-3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131450
--------------------------------------------------------------------------------
================================================================================
mmtf-cpp-1.1.0-1.fc36 (FEDORA-2022-85eb6a5ce7)
The Macromolecular Transmission Format (MMTF) header only files
--------------------------------------------------------------------------------
Update Information:
- Release 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Antonio Trande <sagitter(a)fedoraproject.org> - 1.1.0-1
- Release 1.1.0
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.0-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
muParser-2.3.3-2.fc36 (FEDORA-2022-551a270c95)
A fast math parser library
--------------------------------------------------------------------------------
Update Information:
- rebuilt without WIDE_CHAR support ---- - Update to 2.3.3 fixes rhbz#2043980
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 1 2022 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.3.3-2
- rebuilt without WIDE_CHAR support
* Sat Sep 24 2022 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.3.3-1
- Update to 2.3.3 fixes rhbz#2043980
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pdfbox-2.0.27-1.fc36 (FEDORA-2022-9876f0ff50)
Apache PDFBox library for working with PDF documents
--------------------------------------------------------------------------------
Update Information:
Update pdfbox to 2.0.27 (#2131069)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 S��rgio Basto <sergio(a)serjux.com> - 2.0.27-1
- Update pdfbox to 2.0.27 (#2131069)
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.26-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Fri Jul 8 2022 Jiri Vanek <jvanek(a)redhat.com> - 2.0.26-2
- Rebuilt for Drop i686 JDKs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131069 - pdfbox-2.0.27 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131069
--------------------------------------------------------------------------------
================================================================================
perl-JSON-RPC-LWP-0.007-10.fc36 (FEDORA-2022-5239b0e09b)
JSON RPC over any libwww supported protocol
--------------------------------------------------------------------------------
Update Information:
Explicitly require MooseX::Deprecated (#2131742)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Yanko Kaneti <yaneti(a)declera.com> - 0.007-10
- Explicitly require MooseX::Deprecated (#2131742)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131742 - perl-JSON-RPC-LWP is not usable at all
https://bugzilla.redhat.com/show_bug.cgi?id=2131742
--------------------------------------------------------------------------------
================================================================================
pyproject-rpm-macros-1.4.0-1.fc36 (FEDORA-2022-c4d503f53c)
RPM macros for PEP 517 Python packages
--------------------------------------------------------------------------------
Update Information:
%pyproject_save_files: Support License-Files installed into the *Root License
Directory* from PEP 369 %pyproject_check_import: Import only the modules whose
top-level names match any of the globs provided to %pyproject_save_files
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 19 2022 Python Maint <python-maint(a)redhat.com> - 1.4.0-1
- %pyproject_save_files: Support License-Files installed into the *Root License Directory*
from PEP 369
- Fixes: rhbz#2127946
- %pyproject_check_import: Import only the modules whose top-level names
match any of the globs provided to %pyproject_save_files
- Fixes: rhbz#2127958
* Tue Aug 30 2022 Otto Liljalaakso <otto.liljalaakso(a)iki.fi> - 1.3.4-1
- Fix typo in internal function name
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2127946 - PEP 639: %pyproject_save_files do not take *Root License Directory*
into consideration for %license
https://bugzilla.redhat.com/show_bug.cgi?id=2127946
[ 2 ] Bug #2127958 - %pyproject_check_import imports modules not specified in
%pyproject_save_files
https://bugzilla.redhat.com/show_bug.cgi?id=2127958
--------------------------------------------------------------------------------
================================================================================
python-google-auth-2.12.0-1.fc36 (FEDORA-2022-3b6c24639e)
Google Auth Python Library
--------------------------------------------------------------------------------
Update Information:
Update to 2.12.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2022 Fedora Release Monitoring <release-monitoring(a)fedoraproject.org> -
1:2.12.0-1
- Update to 2.12.0 (#2128641)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2128641 - python-google-auth-2.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2128641
--------------------------------------------------------------------------------
================================================================================
python-identify-2.5.6-1.fc36 (FEDORA-2022-b583e4d7f5)
File identification library for Python
--------------------------------------------------------------------------------
Update Information:
2.5.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 2.5.6-1
- 2.5.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131816 - python-identify-2.5.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131816
--------------------------------------------------------------------------------
================================================================================
qjackctl-0.9.8-1.fc36 (FEDORA-2022-bab99f58e7)
Qt based JACK control application
--------------------------------------------------------------------------------
Update Information:
Update to version 0.9.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 0.9.8-1
- Update to version 0.9.8
* Fri Jul 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131623 - qjackctl-0.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131623
--------------------------------------------------------------------------------
================================================================================
qsynth-0.9.8-1.fc36 (FEDORA-2022-b001045df8)
Qt based Fluidsynth GUI front end
--------------------------------------------------------------------------------
Update Information:
Update to version 0.9.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Christoph Karl <pampelmuse [AT] gmx [DOT] at> - 0.9.8-1
- Update to version 0.9.8
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2131624 - qsynth-0.9.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2131624
--------------------------------------------------------------------------------
================================================================================
rubygem-pdfkit-0.8.7-1.fc36 (FEDORA-2022-3ec8272e72)
HTML+CSS to PDF using wkhtmltopdf
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.7. This new release fixes CVE-2022-25765.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.8.7-1
- 0.8.7 (CVE-2022-25765, bug 2125608)
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.8.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2125609 - CVE-2022-25765 rubygem-pdfkit: pdfkit are vulnerable to Command
Injection where the URL is not properly sanitized. [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2125609
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.14-3.fc36 (FEDORA-2022-a758e9293f)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Some stability fixes. ---- Update to 2.53.14 Note that besides the ordinary
builds for the current Fedora and EPEL branches, there is an additional distro-
independed build available at
https://buc.fedorapeople.org/seamonkey . So if you
have friends who use other Linux distro, but that distro does not provide
SeaMonkey yet, you can recommend it for them.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.14-3
- add fix for mozbz 1443429 and mozbz 1443746,
return no more broken patches
* Sun Oct 2 2022 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.14-2
- rebuild without potentially broken patches
* Tue Sep 27 2022 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.14-1
- update to 2.53.14
* Mon Aug 1 2022 Frantisek Zatloukal <fzatlouk(a)redhat.com> - 2.53.13-3
- Rebuilt for ICU 71.1
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.53.13-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
wimlib-1.13.6-1.fc36 (FEDORA-2022-7bb106a2be)
Open source Windows Imaging (WIM) library
--------------------------------------------------------------------------------
Update Information:
wimsplit no longer prints a success message on failure.
`wimlib_iterate_dir_tree()`no longer hashes files that haven't yet been written
to the WIM file. Reduced the maximum number of file descriptors that wimlib can
use when extracting files from a WIM image on macOS. The files that used the
CC0 public domain dedication now use the MIT license instead.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 3 2022 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 1.13.6-1
- Update to 1.13.6
- Update license tag (CC0 replaced by MIT)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2125916 - wimlib-1.13.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2125916
--------------------------------------------------------------------------------