The following Fedora 36 Security updates need testing:
Age URL
35
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3793987b02
nodejs-16.17.1-1.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6ec78b2586
device-mapper-multipath-0.8.7-9.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e8698f2e5e
java-latest-openjdk-19.0.1.0.10-2.rolling.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6bcee2cc93
ghc-cmark-gfm-0.2.5-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-affcf9eea6
mingw-gdb-12.1-2.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-19538a3732
mingw-binutils-2.37-5.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d1682fef04
mingw-python3-3.10.8-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-185482f0a7
mediawiki-1.37.6-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c9a1fd5370
mingw-gcc-11.2.1-6.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ebd5bb0478 exim-4.96-5.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-07438e12df xen-4.16.2-3.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5f28fceec0
dotnet6.0-6.0.110-2.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-57ee5658ba
annobin-10.91-1.fc36
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a1ce0e1a10
netcat-1.219-1.fc36
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2cfae0608f
mtools-4.0.42-1.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-362bd01539
python3-docs-3.10.8-1.fc36 python3.10-3.10.8-1.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1f0c41e96a koji-1.30.1-2.fc36
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6ec78b2586
device-mapper-multipath-0.8.7-9.fc36
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b3789b98eb
python-rpm-macros-3.10-20.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-48bd42b2dc
rust-packaging-23-1.fc36 rust-srpm-macros-23-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a57ed521ba
tzdata-2022f-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-0c6f7be0c2
xorg-x11-server-Xwayland-22.1.5-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-07438e12df xen-4.16.2-3.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-3dcead123d
hwdata-0.364-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-1291faac0d
mpg123-1.31.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e7a369b2b8
libxcrypt-4.4.30-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-95075fcd45
gnome-control-center-42.4-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-59dce64ba4 gtk4-4.6.8-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ef19edbdc expat-2.5.0-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
crosswords-0.3.5-3.fc36
fail2ban-1.0.1-2.fc36
gns3-gui-2.2.34-1.fc36
gns3-server-2.2.34-1.fc36
golang-github-onsi-ginkgo-2-2.4.0-1.fc36
knot-3.2.2-1.fc36
libipuz-0.2.0-1.fc36
mlpack-4.0.0-2.fc36
mpi4py-3.1.4-1.fc36
perl-CPAN-02Packages-Search-0.002-1.fc36
php-cs-fixer-3.13.0-1.fc36
php-pear-CAS-1.6.0-1.fc36
php-symfony4-4.4.48-1.fc36
rpm-ostree-2022.15-3.fc36
rust-duct_sh-0.13.5-1.fc36
rust-just-1.8.0-1.fc36
starcal-3.1.13-1.fc36
supertuxkart-1.4-1.fc36
tgbot-cpp-1.4-1.fc36
tio-2.3-1.fc36
vim-9.0.828-1.fc36
wordpress-6.1-1.fc36
Details about builds:
================================================================================
crosswords-0.3.5-3.fc36 (FEDORA-2022-0dbfd4df93)
Solve crossword puzzles
--------------------------------------------------------------------------------
Update Information:
Initial crosswords build for f36
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> 0.3.5-3
- Use hard requires for the default puzzle sets
* Tue Nov 1 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> 0.3.5-2
- Temporarily gate out tests on s390x
* Tue Nov 1 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> 0.3.5-1
- Initial import; Fixes: RHBZ#2137749
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2137748 - Review Request: libipuz - Library for parsing .ipuz puzzle files
https://bugzilla.redhat.com/show_bug.cgi?id=2137748
[ 2 ] Bug #2137749 - Review Request: crosswords - Solve crossword puzzles
https://bugzilla.redhat.com/show_bug.cgi?id=2137749
--------------------------------------------------------------------------------
================================================================================
fail2ban-1.0.1-2.fc36 (FEDORA-2022-9a192ab246)
Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:
Add patch to deal with 100% CPU use in dovecot jail.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Richard Shaw <hobbes1069(a)gmail.com> - 1.0.1-2
- Add patch for dovecot eating 100% CPU.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2135621 - fail2ban processing dovecot error logs uses 100% of the CPU.
https://bugzilla.redhat.com/show_bug.cgi?id=2135621
[ 2 ] Bug #2138919 - fail2ban suddently taking 100% CPU
https://bugzilla.redhat.com/show_bug.cgi?id=2138919
--------------------------------------------------------------------------------
================================================================================
gns3-gui-2.2.34-1.fc36 (FEDORA-2022-350a6503a1)
GNS3 graphical user interface
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.34 Fix python 3.11
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Nicolas Chauvet <kwizart(a)gmail.com> - 2.2.34-1
- Update to 2.2.34
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.2.33.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gns3-server-2.2.34-1.fc36 (FEDORA-2022-350a6503a1)
Graphical Network Simulator 3
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.34 Fix python 3.11
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Nicolas Chauvet <kwizart(a)gmail.com> - 2.2.34-1
- Update to 2.2.34
- backport python3.11 fix - rhbz#2134944
* Thu Jul 21 2022 Nicolas Chauvet <kwizart(a)gmail.com> - 2.2.33.1-3
- Drop busybox at build time
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.2.33.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
golang-github-onsi-ginkgo-2-2.4.0-1.fc36 (FEDORA-2022-e7af90c8dc)
A Modern Testing Framework for Go
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.1. Fixes rhbz#2127729.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 25 2022 Maxwell G <gotmax(a)e.email> - 2.4.0-1
- Update to 2.4.0. Fixes rhbz#2137638.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2127729 - golang-github-onsi-ginkgo-2-2.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2127729
--------------------------------------------------------------------------------
================================================================================
knot-3.2.2-1.fc36 (FEDORA-2022-a40e8e52e6)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.2.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 1 2022 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 3.2.2-1
- Update to 3.2.2
--------------------------------------------------------------------------------
================================================================================
libipuz-0.2.0-1.fc36 (FEDORA-2022-0dbfd4df93)
Library for parsing .ipuz puzzle files
--------------------------------------------------------------------------------
Update Information:
Initial crosswords build for f36
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 27 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> 0.2.0-1
- Initial import; Fixes: RHBZ#2137748
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2137748 - Review Request: libipuz - Library for parsing .ipuz puzzle files
https://bugzilla.redhat.com/show_bug.cgi?id=2137748
[ 2 ] Bug #2137749 - Review Request: crosswords - Solve crossword puzzles
https://bugzilla.redhat.com/show_bug.cgi?id=2137749
--------------------------------------------------------------------------------
================================================================================
mlpack-4.0.0-2.fc36 (FEDORA-2022-691295e928)
Fast, header-only C++ machine learning library
--------------------------------------------------------------------------------
Update Information:
Fix incorrect Requires. ---- Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 31 2022 Ryan Curtin <ryan(a)ratml.org> - 4.0.0-2
- Fix incorrect Requires.
* Wed Oct 26 2022 Ryan Curtin <ryan(a)ratml.org> - 4.0.0-1
- Update to latest stable version.
- doc subpackage is no longer produced (mlpack 4.0.0 has no Doxygen support anymore).
- Remove boost dependency, replace with cereal.
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.2-18
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 21 2022 Lum��r Balhar <lbalhar(a)redhat.com> - 3.4.2-17
- Fix build by BR python3-devel
- Fix compatibility with latest setuptools
* Wed Jun 15 2022 Python Maint <python-maint(a)redhat.com> - 3.4.2-16
- Rebuilt for Python 3.11
* Wed May 4 2022 Thomas Rodgers <trodgers(a)redhat.com> - 3.4.2-15
- Rebuilt for Boost 1.78
--------------------------------------------------------------------------------
================================================================================
mpi4py-3.1.4-1.fc36 (FEDORA-2022-83fb0553cc)
Python bindings of the Message Passing Interface (MPI)
--------------------------------------------------------------------------------
Update Information:
3.1.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 3.1.4-1
- 3.1.4
* Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.3-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Mon Jun 13 2022 Python Maint <python-maint(a)redhat.com> - 3.1.3-3
- Rebuilt for Python 3.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139447 - mpi4py-3.1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139447
--------------------------------------------------------------------------------
================================================================================
perl-CPAN-02Packages-Search-0.002-1.fc36 (FEDORA-2022-824e77dbbf)
Search Perl modules in 02packages.details.txt
--------------------------------------------------------------------------------
Update Information:
This release updates a build script and removes trailing white spaces from a
license text. We deliver it mainly to provide an up-to-date version string.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Petr Pisar <ppisar(a)redhat.com> - 0.002-1
- 0.002 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139561 - perl-CPAN-02Packages-Search-0.002 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139561
--------------------------------------------------------------------------------
================================================================================
php-cs-fixer-3.13.0-1.fc36 (FEDORA-2022-0f68b0108e)
PHP Coding Standards Fixer
--------------------------------------------------------------------------------
Update Information:
Changelog for version 3.13.0 * bug: BracesFixer - Fix unexpected extra blank
line (#6667) * bug: fix CI on master branch (#6663) * bug: IsNullFixer - handle
casting (#6661) * docs: feature or bug (#6652) * docs: Use case insensitive
sorting for options (#6666) * docs: [DateTimeCreateFromFormatCallFixer] Fix
typos in the code sample (#6671) * DX: update cli-executor (#6664) * DX: update
dev-tools (#6665) * feature: Add global_namespace_import to @Symfony ruleset
(#6662) * feature: Add separate option for closure_fn_spacing (#6658) * feature:
general_phpdoc_annotation_remove - allow add case_sensitive option (#6660) *
minor: AllowedValueSubset - possible values are sorted (#6651) * minor: Use md5
for file hashing to reduce possible collisions (#6597)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Remi Collet <remi(a)remirepo.net> - 3.13.0-1
- update to 3.13.0
--------------------------------------------------------------------------------
================================================================================
php-pear-CAS-1.6.0-1.fc36 (FEDORA-2022-37c2d26f59)
Central Authentication Service client library in php
--------------------------------------------------------------------------------
Update Information:
**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name
constructor argument to fix service hostname discovery exploitation
vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Remi Collet <remi(a)remirepo.net> - 1.6.0-1
- update to 1.6.0
--------------------------------------------------------------------------------
================================================================================
php-symfony4-4.4.48-1.fc36 (FEDORA-2022-90df33141c)
Symfony PHP framework (version 4)
--------------------------------------------------------------------------------
Update Information:
**Version 4.4.48** (2022-10-28) * bug #47907 [Console] Update Application.php
(aleksandr-shevchenko) * bug #47932 Throw LogicException instead of Error when
trying to generate logout-��� (addiks) * bug #47857 [HttpKernel] Fix empty
request stack when terminating with exception (krzyc) * bug #47878 [HttpKernel]
Remove EOL when using error_log() in HttpKernel Logger (cyve) * bug #47883
[Console] Fix error output on windows cli (Maximilian.Beckers) * bug #47884
[Cache] Reserve numeric keys when doing memory leak prevention (simoheinonen) *
bug #47822 [Mailer] fix: use message object from event (rogamoore) * bug #47858
[DoctrineBridge] Implement `EventManager::getAllListeners()` (derrabus)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Remi Collet <remi(a)remirepo.net> - 4.4.48-1
- update to 4.4.48
--------------------------------------------------------------------------------
================================================================================
rpm-ostree-2022.15-3.fc36 (FEDORA-2022-6fd2fbff80)
Hybrid image/package system
--------------------------------------------------------------------------------
Update Information:
Backport
https://github.com/coreos/rpm-ostree/pull/4122 for
https://github.com/openshift/os/issues/1036.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Jonathan Lebon <jonathan(a)jlebon.com> - 2022.15-3
- Backport semanage bug workaround
https://github.com/coreos/rpm-ostree/pull/4122
* Tue Nov 1 2022 Colin Walters <walters(a)verbum.org> - 2022.15-2
-
https://github.com/coreos/rpm-ostree/releases/tag/v2022.15
--------------------------------------------------------------------------------
================================================================================
rust-duct_sh-0.13.5-1.fc36 (FEDORA-2022-c2caa55234)
Sub-crate for the sh function, formerly in duct
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Jan Macku <jamacku(a)redhat.com> 0.13.5-1
- Initial import
--------------------------------------------------------------------------------
================================================================================
rust-just-1.8.0-1.fc36 (FEDORA-2022-efe023a082)
Just a command runner
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0 (#2139564) ---- Update to 1.7.0 (#2138073)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Aleksei Bavshin <alebastr(a)fedoraproject.org> 1.8.0-1
- Update to 1.8.0 (#2139564)
* Mon Oct 31 2022 Aleksei Bavshin <alebastr(a)fedoraproject.org> 1.7.0-1
- Update to 1.7.0 (#2138073)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2138073 - rust-just-1.7.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2138073
[ 2 ] Bug #2139564 - rust-just-1.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139564
--------------------------------------------------------------------------------
================================================================================
starcal-3.1.13-1.fc36 (FEDORA-2022-6b8398097c)
A full-featured international calendar written in Python
--------------------------------------------------------------------------------
Update Information:
Various fixes and enhancements
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 3.1.13-1
- New upstream version, fix f37 compatibility and other fixes
* Sat Aug 6 2022 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 3.1.11-6
- Mark as compatible with python 3.11
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.11-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
supertuxkart-1.4-1.fc36 (FEDORA-2022-285a820929)
Kids 3D go-kart racing game featuring Tux
--------------------------------------------------------------------------------
Update Information:
1.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 1 2022 Gwyn Ciesla <gwync(a)protonmail.com> - 1.4-1
- 1.4
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3-3.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2127956 - supertuxkart-1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2127956
--------------------------------------------------------------------------------
================================================================================
tgbot-cpp-1.4-1.fc36 (FEDORA-2022-ff25f043df)
C++ library for Telegram bot API
--------------------------------------------------------------------------------
Update Information:
Updated to version 1.4.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1.4-1
- Updated to version 1.4.
* Sat Jul 23 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139322 - tgbot-cpp-1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139322
--------------------------------------------------------------------------------
================================================================================
tio-2.3-1.fc36 (FEDORA-2022-3d94af77f5)
Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:
# tio v2.3 * Add mute feature This will make tio go fully silent and not
print anything. * Rename config variable `tty` to `device` * Deprecate tty
config keyword but keep it around for now * Update show config * Update
example tiorc
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Robert Scheck <robert(a)fedoraproject.org> 2.3-1
- Upgrade to 2.3 (#2139343)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139343 - tio-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2139343
--------------------------------------------------------------------------------
================================================================================
vim-9.0.828-1.fc36 (FEDORA-2022-06e4f1dd58)
The VIM editor
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-3705
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 3 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:9.0.828-1
- patchlevel 828
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2139086 - CVE-2022-3705 vim: a use after free in the function
qf_update_buffer
https://bugzilla.redhat.com/show_bug.cgi?id=2139086
--------------------------------------------------------------------------------
================================================================================
wordpress-6.1-1.fc36 (FEDORA-2022-81e5c6827a)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Upstream announcement: [WordPress 6.1
���Misha���](https://wordpress.org/news/2022/11/misha/)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 2 2022 Remi Collet <remi(a)remirepo.net> - 6.1-1
- WordPress 6.1 ���Misha���
--------------------------------------------------------------------------------