Fedora 33 updates-testing report
by updates@fedoraproject.org
The following Fedora 33 Security updates need testing:
Age URL
39 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b5d8c6d086 prosody-0.11.9-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-1bf13db941 ceph-15.2.12-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-1.fc33
3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-9fde3d7ab1 python-eventlet-0.31.0-1.fc33
3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f75a803ff3 slurm-20.11.7-1.fc33
2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8a098ecbcf composer-2.0.13-1.fc33
2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-935da812d7 wordpress-5.7.2-1.fc33
0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ceb9db8de0 upx-3.96-9.fc33
0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-a4ee3426c4 slapi-nis-0.56.7-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
58 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb PackageKit-1.2.3-1.fc33
12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ac643a7ce9 xorg-x11-drv-nouveau-1.0.17-1.fc33
12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-0e0f47f6ca xfce4-settings-4.14.4-1.fc33
11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b2b5636c1a livecd-tools-28.0-2.fc33
9 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4749e8f916 webkit2gtk3-2.32.1-1.fc33
9 https://bodhi.fedoraproject.org/updates/FEDORA-2021-22d74b54e8 rdma-core-35.0-1.fc33
7 https://bodhi.fedoraproject.org/updates/FEDORA-2021-822606e337 linux-firmware-20210511-120.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3b331c0278 wpebackend-fdo-1.8.4-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-efdc2e7167 chrony-4.1-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e7f17262ce libidn2-2.3.1-1.fc33
5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b00cd88aba btrfs-progs-5.12.1-1.fc33
3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-25202922d4 systemd-246.14-1.fc33
0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ae71327f68 libtirpc-1.2.6-4.rc4.fc33
0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5cc6457b38 rpcbind-1.2.6-0.fc33
0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-1794da1cb8 dracut-054-6.git20210518.fc33
The following builds have been pushed to Fedora 33 updates-testing
cockpit-machines-244.1-1.fc33
fastbit-2.0.3-21.fc33
ghostscript-9.54.0-1.fc33
golang-github-yuin-goldmark-1.3.7-1.fc33
jc-1.15.4-1.fc33
kernel-5.12.5-200.fc33
kernel-headers-5.12.5-200.fc33
kernel-tools-5.12.5-200.fc33
libotr-4.1.1-12.fc33
mkvtoolnix-56.1.0-1.fc33
notmuch-0.32.1-2.fc33
php-symfony3-3.4.49-1.fc33
php-symfony4-4.4.24-1.fc33
python-pip-20.2.2-2.fc33
python3.9-3.9.5-2.fc33
realtime-setup-2.2-1.fc33
runc-1.0.0-378.rc95.fc33
sayonara-1.7.0-1.fc33
sssd-2.5.0-2.fc33
tpm2-tss-3.0.4-1.fc33
Details about builds:
================================================================================
cockpit-machines-244.1-1.fc33 (FEDORA-2021-15d8576d18)
Cockpit user interface for virtual machines
--------------------------------------------------------------------------------
Update Information:
- Fix crash on VM deletion with cockpit 244 ---- - Edit the MAC address of a
VM���s network interface
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Martin Pitt <martin(a)piware.de> - 244.1-1
- Fix crash on VM deletion with cockpit 244
* Wed May 12 2021 Katerina Koukiou <kkoukiou(a)redhat.com> - 244-1
- Edit the MAC address of a VM���s network interface
--------------------------------------------------------------------------------
================================================================================
fastbit-2.0.3-21.fc33 (FEDORA-2021-5c117c88e1)
An Efficient Compressed Bitmap Index Technology
--------------------------------------------------------------------------------
Update Information:
Remove java bindings due to orphaned dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Philip Kovacs <pkfed(a)fedoraproject.org> - 2.0.3-21
- Remove java bindings due to orphaned dependencies
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.3-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Dec 9 2020 Jeff Law <law(a)redhat.com> - 2.0.3-19
- Fix ordered pointer comparisons against zero for gcc-11
--------------------------------------------------------------------------------
================================================================================
ghostscript-9.54.0-1.fc33 (FEDORA-2021-60640e5c3b)
Interpreter for PostScript language & PDF
--------------------------------------------------------------------------------
Update Information:
Update to version 9.54.0 (#1944755)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2021 Richard Lescak rlescak(a)redhat.com - 9.54.0-1
- Update to version 9.54.0 (#1944755)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 9.53.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
golang-github-yuin-goldmark-1.3.7-1.fc33 (FEDORA-2021-2d2a0875f5)
Markdown parser written in Go
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.3.7-1
- Update to latest version (#1961450)
* Sun May 16 2021 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.3.6-1
- Update to latest version (#1960862)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960862 - golang-github-yuin-goldmark-1.3.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1960862
[ 2 ] Bug #1961450 - golang-github-yuin-goldmark-1.3.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1961450
--------------------------------------------------------------------------------
================================================================================
jc-1.15.4-1.fc33 (FEDORA-2021-df67f30414)
Serialize the output of CLI tools and file-types to structured JSON
--------------------------------------------------------------------------------
Update Information:
Update to v1.15.4
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 1.15.4-1
- Update to v1.15.4
--------------------------------------------------------------------------------
================================================================================
kernel-5.12.5-200.fc33 (FEDORA-2021-d6613866bc)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.12.5 stable kernel rebase contains feature enhancements, new hardware
support, and a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.12.5-0]
- drm/rockchip: remove existing generic drivers to take over the device (Javier Martinez Canillas)
- fedora: enable zonefs (Damien Le Moal)
--------------------------------------------------------------------------------
================================================================================
kernel-headers-5.12.5-200.fc33 (FEDORA-2021-d6613866bc)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
The 5.12.5 stable kernel rebase contains feature enhancements, new hardware
support, and a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.12.5-200
- Linux v5.12.5
--------------------------------------------------------------------------------
================================================================================
kernel-tools-5.12.5-200.fc33 (FEDORA-2021-d6613866bc)
Assortment of tools for the Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.12.5 stable kernel rebase contains feature enhancements, new hardware
support, and a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> - 5.12.5-200
- Linux v5.12.5
--------------------------------------------------------------------------------
================================================================================
libotr-4.1.1-12.fc33 (FEDORA-2021-c49e0345c2)
Off-The-Record Messaging library and toolkit
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1634321 RFE Drop check for mismatch of versions
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Paul Wouters <paul.wouters(a)aiven.io> - 4.1.1-12
- Resolves: rhbz#1634321 RFE Drop check for mismatch of versions
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1634321 - RFE Drop check for mismatch of versions / Be nice to clients with older version of libotr
https://bugzilla.redhat.com/show_bug.cgi?id=1634321
--------------------------------------------------------------------------------
================================================================================
mkvtoolnix-56.1.0-1.fc33 (FEDORA-2021-871e06992f)
Matroska container manipulation utilities
--------------------------------------------------------------------------------
Update Information:
# Version 56.1.0 "My Friend" 2021-04-09 ## New features and enhancements *
mkvmerge: AAC: added support for LOAS/LATM files with channel configuration
indexes 9���21 (e.g. channel count 22.2 for index 13) according to Rec. ITU-R
BS.1196-7 & ISO/IEC 23008-3:2019. Fixes #3081. ## Bug fixes * mkvmerge:
HEVC/H.265 parser: fixed invalid memory access that could happen when reading
certain types of HEVC data (e.g. with changing parameter sets mid-stream) from
certain containers (e.g. Matroska). This bug was introduced in release 56.0.0.
Fixes #3083. * mkvextract: AAC: mkvextract will now abort with an useful error
message when the user tries to extract a track whose 'audio-specific config'
element in `CodecPrivate` signals a number of channels of 7 or greater than 8 as
that isn't supported by the ADTS format. ## Build system changes * configure:
the `--enable-ubsan` option hasn't actually enabled anything since release
39.0.0. # Version 56.0.0 "Strasbourg / St. Denis" 2021-04-05 ## New features
and enhancements * mkvmerge, mkvpropedit: tags: the programs will no longer
write tag elements that are mandatory and set to their default value (e.g. "tag
language" set to `und` = undetermined). * mkvmerge, mkvpropedit, MKVToolNix GUI
chapter editor: chapters: the programs will no longer write chapter elements
that are mandatory and set to their default value (e.g. "chapter language" set
to `eng` = English or "Chapter flag enabled" = 1). * mkvextract: chapters:
mkvextract will no longer add a `ChapterLanguage` element set to `eng` to the
generated XML content if the source file doesn't contain such an element. *
MKVToolNix GUI: multiplexer: when using the "tab widget below the files &
tracks" layout option for the track properties the elements in the "general
options" tab will use six rows �� four columns instead of twelve rows �� two
columns, greatly reducing the required height. Implements #3062. ## Bug fixes
* mkvmerge: AAC reader: fixed mkvmerge aborting to read AAC files bigger than 2
GB with a message about not being able to allocate memory. Fixes #3059. *
mkvmerge: chapters: `ChapLanguageIETF` elements were still created when the
option `--disable-language-ietf` was given after an option leading to the
creation of chapters. Now the position doesn't matter anymore. Part of the fix
of #3069. * mkvmerge: chapters: when the option `--disable-language-ietf` is
used, `ChapLanguageIETF` elements won't be written even when sources are read
(Matroska files or XML chapters files) that do contain those elements. Part of
the fix of #3069. * mkvmerge: tags: when the option `--disable-language-ietf` is
used, `TagLanguageIETF` elements won't be written. Fixes #3070. * mkvmerge:
tags: mkvmerge will no longer write language elements for the track statistics
tags it creates, making the effective language "undetermined" due to `und` being
the default value for the legacy tag language element. Fixes #3073. * mkvmerge:
tags: the XML tag parser will now validate all `<Simple>` children of `<Tag>`
elements, not just the first for each `<Tag>`. Part of the fix of #3071. *
mkvmerge: tags: the XML tag parser now uses the spec-compliant `und`
("undetermined") as the default language for `<Simple>` tags instead of `eng`.
Part of the fix of #3071. * mkvmerge, mkvpropedit: tags: mkvmerge will no longer
set the "target type" for track statistics tags (earlier it used `MOVIE`). The
"target type value" will still be set to `50`. Fixes #3074. * mkvmerge,
mkvextract: HEVC/H.265: both programs will now normalize the placement of VPS,
SPS and PPS NALUs. Each key frame is prefixed with exactly one copy of the
currently active parameter sets. This fixes certain classes of bugs related to
splitting/appending. Fixes #3034. * mkvinfo: when compiled with newer versions
of the `fmt` library, certain numbers were not output correctly (e.g. a track's
audio sampling frequency of 48000 might be output as 48). * MKVToolNix GUI:
multiplexer: deriving the track language from the file name will match languages
case insensitively again (like versions prior to v55). Fixes #3068. * MKVToolNix
GUI: multiplexer: under certain circumstances keyboard shortcuts such as
`Ctrl+W` for closing the active tab or `Ctrl+R` for starting to multiplex ceased
to work until the user did certain other things (such as switching to a
different tool & back to the multiplexer or opening the multiplexer menu). This
started with v54. Fixes #3051. * MKVToolNix GUI: chapter editor: the editor will
no longer create empty `ChapterCountry` elements when adding a chapter name with
no default country selected in the preferences. Fixes #3072. # Version 55.0.0
"Waiting For Space" 2021-03-06 ## Bug fixes * MKVToolNix GUI: multiplexer: the
user can now configure what to do when using the "Add source files" button
independently of the setting for what happens when files are dragged & dropped
onto the GUI. The same options are available, but they're distinct settings,
allowing for different use cases. Fixes #3035. * MKVToolNix GUI: multiplexer:
deriving the track language from file names doesn't use one big regular
expression of all enabled languages anymore. Instead, the file name is split
into parts on a list of characters (such as `.` or `(` and `)`; configurable in
the preferences). This prevents the regular expression becoming too big for the
regular expression library to handle when many languages are enabled. Fixes
#3048. * MKVToolNix GUI: preferences: the language lists for "deriving track
languages" and "enabling items by language" always included all the ISO 639-3
languages, even if those weren't enabled in the "often-used languages" pane.
Fixes #3047. ## Other changes * mkvmerge, MKVToolNix GUI multiplexer: the
functionality for changing the length of the NALU "size" field for AVC/H.264 and
HEVC/H.265 tracks has been removed. The corresponding command-line option will
continue to be recognized by mkvmerge as not to break existing third-party
applications, but it won't actually do anything. # Version 54.0.0 "F Maj Pixie"
2021-02-26 ## New features and enhancements * mkvmerge: added support for
using ISO 639-3 language codes in IETF BF47 language tags. Part of the
implementation of #3007. * mkvmerge: AC-3 parser: added support for byte-swapped
AC-3 data. Implements #3022. * mkvmerge: Matroska reader: for audio tracks that
have the bit depth track header set mkvmerge will now keep that header even for
codecs that don't require it for decoding. Implements #3009. * mkvmerge: MPEG
transport stream reader, PCM audio tracks: mkvmerge will now re-order the
channels for 5.1, 7.0 and 7.1 channel tracks from the Blu-ray layout to the
WAVEFORMATEXTENSIBLE layout expected in Matroska. Patch by Tom Yan. Implements
#2988. * mkvmerge, mkvinfo, mkvpropedit, MKVToolNix GUI: added support for the
following new track header elements: "hearing impaired" flag, "visual impaired"
flag, "text descriptions" flag, "original" flag, "commentary" flag. Implements
#3011. * MKVToolNix GUI: added support for using ISO 639-3 language codes in
IETF BF47 language tags. As there are several thousand of them, they're
deactivated by default and must be activated in the preferences ("GUI" ��� "Often
used selections" ��� "Languages"). Part of the implementation of #3007. *
MKVToolNix GUI: multiplexer: when adding Blu-rays the user can select multiple
playlists to add simultaneously in the "select playlist to add" dialog.
Implements #2961. * MKVToolNix GUI: multiplexer: the file name extensions "eb3"
and "ec3" were added for Dolby Digital Plus & "mpl" for Dolby TrueHD in the file
dialogs. Part of the implementation of #3027. * MKVToolNix GUI: multiplexer:
when adding multiple files the dialog asking the user what to do with them has
gained a new checkbox. If enabled, all files containing at least one video track
will always be placed in newly created multiplex setting. Implements #2966. *
MKVToolNix GUI: multiplexer: added a menu entry in the "Multiplexer" for adding
all files that are currently in the clipboard. Implements #3006. ## Bug fixes
* mkvextract: AAC: fixed wrong channel mask field in the ADTS headers for 7.1
channel layouts. Fix by Tom Yan. Fixes #2636. * mkvextract: HEVC/H.265
extraction: if the first frame starts with the parameter sets (SPS, PPS & VPS),
the ones from CodecPrivate aren't written and the ones from the first frame are
kept. Fixes #3031. * mkvmerge: fixed the calculation of chapter timestamps read
from NTSC DVDs. Fix by Tom Yan. * MKVToolNix GUI: IETF BCP 47 language widget:
the language combo box will now always contain the language code the user enters
in the free-form field, even if it isn't in the list of often-used languages the
user configured in the preferences. * MKVToolNix GUI: multiplexer: when browsing
for the destination file name the default directory is now chosen according to
the preferences regarding how the destination file name should be formed. For
example, if the policy is set to "fixed output directory" then that output
directory will be the one initially set when the directory selection dialog is
opened. Fixes #3021. * MKVToolNix GUI: multiplexer: fixed the removal of
appended source files if the "delete source files" end-of-job action is enabled.
Fixes #3029. * MKVToolNix GUI: chapter editor: when importing chapters from DVDs
the IETF BCP 47 language elements will be set, too, not just the legacy language
elements. ## Build system changes * libEBML v1.4.2 and libMatroska v1.6.3 are
now required. The optional, bundled copies of both libraries have been updated
to those versions. This bump in requirements fixes several heap overflow bugs in
libEBML. * MKVToolNix is now using the C++17 library feature "file system
library" instead of Boost's "file system" and "system" libraries. For the GNU
Compiler Collection (gcc) libstdc++ this means v8 or newer is required; for
clang's libc++ it means v7 or newer. For macOS this means that provided disk
image will only run on 10.15 "Catalina" or newer.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Dominik Mierzejewski <rpm(a)greysector.net> - 56.1.0-1
- update to 56.1.0 (#1933359)
- requires libebml 1.4.2 and libmatroska 1.6.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933359 - mkvtoolnix-56.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1933359
--------------------------------------------------------------------------------
================================================================================
notmuch-0.32.1-2.fc33 (FEDORA-2021-0a0982bcd2)
System for indexing, searching, and tagging email
--------------------------------------------------------------------------------
Update Information:
correct dependency for the vim plugin
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 17 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32.1-2
- correct dependency for the vim plugin
* Sat May 15 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32.1-1
- rebase with upstream release 0.32.1
* Wed May 12 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32-2
- fix db changes from pre-new-hook
* Sun May 2 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32-1
- rebase with upstream release 0.32
* Wed Apr 28 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32~rc2-1
- rebase with upstream RC
* Sat Apr 24 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32~rc1-1
- rebase with upstream RC
* Thu Feb 18 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.31.4-1
- rebase with bugfix release
* Thu Feb 11 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.31.3-5
- fix FTBS #927636
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.31.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jan 6 2021 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.31.3-3
- F-34: rebuild against ruby 3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960899 - notmuch-0.32.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1960899
--------------------------------------------------------------------------------
================================================================================
php-symfony3-3.4.49-1.fc33 (FEDORA-2021-f3ad34aa9f)
Symfony PHP framework (version 3)
--------------------------------------------------------------------------------
Update Information:
**Version 3.4.49** (2021-05-19) * security **CVE-2021-21424** [Security\Core]
Fix user enumeration via response body on invalid credentials (chalasr) ----
**Version 3.4.48** (2021-05-12) * security **CVE-2021-21424**
[Security][Guard] Prevent user enumeration (chalasr)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Remi Collet <remi(a)remirepo.net> - 3.4.49-1
- update to 3.4.49
* Mon May 17 2021 Remi Collet <remi(a)remirepo.net> - 3.4.48-1
- update to 3.4.48
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.47-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960631 - CVE-2021-21424 php-symfony: user enumeration in authentication mechanisms [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1960631
--------------------------------------------------------------------------------
================================================================================
php-symfony4-4.4.24-1.fc33 (FEDORA-2021-121edb82dd)
Symfony PHP framework (version 4)
--------------------------------------------------------------------------------
Update Information:
**Version 4.4.24** (2021-05-19) * security **CVE-2021-21424** [Security\Core]
Fix user enumeration via response body on invalid credentials (chalasr) * bug
#41230 [FrameworkBundle][Validator] Fix deprecations from Doctrine
Annotations+Cache (derrabus) * bug #41240 Fixed deprecation warnings about
passing null as parameter (derrabus) * bug #41241 [Finder] Fix gitignore regex
build with "**" (mvorisek) * bug #41224 [HttpClient] fix adding query string to
relative URLs with scoped clients (nicolas-grekas) * bug #41233
[DependencyInjection][ProxyManagerBridge] Don't call class_exists() on null
(derrabus) * bug #41210 [Console] Fix Windows code page support (orkan) ----
**Version 4.4.23** (2021-05-12) * security **CVE-2021-21424**
[Security][Guard] Prevent user enumeration (chalasr) * bug #41176
[DependencyInjection] fix dumping service-closure-arguments (nicolas-grekas) *
bug #41168 WDT: Only load "Sfjs" if it is not present already (weaverryan) *
bug #41147 [Inflector][String] wrong plural form of words ending by "pectus"
(makraz) * bug #41160 [HttpClient] Don't prepare the request in
ScopingHttpClient (nicolas-grekas) * bug #40763 Fix/Rewrite .gitignore regex
builder (mvorisek) * bug #40917 [Config][DependencyInjection] Uniformize
trailing slash handling (dunglas) * bug #40699 [PropertyInfo] Make
ReflectionExtractor correctly extract nullability (shiftby) * bug #40874
[PropertyInfo] fix attribute namespace with recursive traits (soullivaneuh) *
bug #41099 [Cache] Check if phpredis version is compatible with stream parameter
(nicolassing) * bug #41072 [VarExporter] Add support of PHP enumerations
(alexandre-daubois) * bug #41105 [Inflector][String] Fixed singularize `edges`
> `edge` (ruudk) * bug #41075 [ErrorHandler] Skip "same vendor" ``@method``
deprecations for `Symfony\*` classes unless symfony/symfony is being tested
(nicolas-grekas)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Remi Collet <remi(a)remirepo.net> - 4.4.24-1
- update to 4.4.24
* Mon May 17 2021 Remi Collet <remi(a)remirepo.net> - 4.4.23-1
- update to 4.4.23
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960631 - CVE-2021-21424 php-symfony: user enumeration in authentication mechanisms [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1960631
--------------------------------------------------------------------------------
================================================================================
python-pip-20.2.2-2.fc33 (FEDORA-2021-1b6848f31c)
A tool for installing and managing Python packages
--------------------------------------------------------------------------------
Update Information:
Backport security fix from pip 21.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 17 2021 Karolina Surma <ksurma(a)redhat.com> - 20.2.2-2
- Backport security fix from pip 21.1.1
--------------------------------------------------------------------------------
================================================================================
python3.9-3.9.5-2.fc33 (FEDORA-2021-239bff2863)
Version 3.9 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Add virtual provides for the bundled libmpdec
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2021 Charalampos Stratakis <cstratak(a)redhat.com> - 3.9.5-2
- Add virtual provides for the bundled libmpdec (rhbz#1943359)
--------------------------------------------------------------------------------
================================================================================
realtime-setup-2.2-1.fc33 (FEDORA-2021-0b9a9de392)
Setup RT/low-latency environment details
--------------------------------------------------------------------------------
Update Information:
Fix service file using wrong filename for realtime-entsk task
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Clark Williams <williams(a)redhat.com> - 2.2-1
- Fix realtime-entsk.service using wrong image. Resolves rhbz#1891048
* Fri May 14 2021 Clark Williams <williams(a)redhat.com> - 2.1-4
- Sync RHEL 9 and Fedora versions
* Fri Apr 16 2021 Mohan Boddu <mboddu(a)redhat.com> - 2.1-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
runc-1.0.0-378.rc95.fc33 (FEDORA-2021-2eb67ba3c2)
CLI for running Open Containers
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30465
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Peter Hunt <pehunt(a)redhat.com> - 2:1.0.0-378.rc95
- Bump to v1.0.0-rc95
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1954736 - CVE-2021-30465 runc: vulnerable to symlink exchange attack
https://bugzilla.redhat.com/show_bug.cgi?id=1954736
--------------------------------------------------------------------------------
================================================================================
sayonara-1.7.0-1.fc33 (FEDORA-2021-d659fecdb0)
A lightweight Qt Audio player
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.0-1
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 1.7.0-1
- Update to 1.7.0
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.6.0-0.8.beta7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sssd-2.5.0-2.fc33 (FEDORA-2021-c582bc56a6)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Fix a regression in KCM when updating from an older (pre sssd-2.4.0-4.f33)
version directly to 2.5.0.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Pavel B��ezina <pbrezina(a)redhat.com> - 2.5.0-2
- Fix regression in sssd-kcm when upgrading from 2.4.0 directly to 2.5.0
- Return correct error code for unknown/unsupported operations in sssd-kcm
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1962006 - sssd 2.5.0 breaks kinit
https://bugzilla.redhat.com/show_bug.cgi?id=1962006
--------------------------------------------------------------------------------
================================================================================
tpm2-tss-3.0.4-1.fc33 (FEDORA-2021-55fc591f26)
TPM2.0 Software Stack
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 17 2021 Peter Robinson <pbrobinson(a)fedoraproject.org> - 3.0.4-1
- Update to 3.0.4
--------------------------------------------------------------------------------
2 years, 11 months
Fedora 32 updates-testing report
by updates@fedoraproject.org
The following Fedora 32 Security updates need testing:
Age URL
102 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4c8458e373 containernetworking-plugins-0.9.1-1.fc32
98 https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d1596c42 buildah-1.19.4-1.fc32
14 https://bodhi.fedoraproject.org/updates/FEDORA-2021-158a237d4a bind-9.11.31-1.fc32 bind-dyndb-ldap-11.3-6.fc32 dnsperf-2.3.4-6.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-179f2fbb88 mariadb-10.4.19-1.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f06d202d4 firefox-88.0.1-1.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-498be8f560 prosody-0.11.9-1.fc32
4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-6e540b85b9 ceph-14.2.21-1.fc32
2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8832eab899 kernel-5.11.21-100.fc32
1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-7aa58932f5 composer-1.10.22-1.fc32
1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5b1dd085c7 wordpress-5.7.2-1.fc32
1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3c013b5555 php-symfony3-3.4.48-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
14 https://bodhi.fedoraproject.org/updates/FEDORA-2021-19cdc5683f libmodulemd-2.12.1-1.fc32
13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-7fd2a21f94 python3-3.8.10-1.fc32 python3-docs-3.8.10-1.fc32
11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-276b0013e8 gnome-terminal-3.36.3-1.fc32
11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-151dc7fd1b vte291-0.60.4-1.fc32
11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-a2ee549bcb xorg-x11-drv-nouveau-1.0.17-1.fc32
8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f438908573 btrfs-progs-5.11.1-1.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-14d0195ff8 linux-firmware-20210511-120.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f06d202d4 firefox-88.0.1-1.fc32
4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d58314a3e libidn2-2.3.1-1.fc32
2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-816eecc358 zstd-1.5.0-1.fc32
2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8832eab899 kernel-5.11.21-100.fc32
The following builds have been pushed to Fedora 32 updates-testing
libtirpc-1.2.6-4.rc4.fc32
lmms-1.1.3-17.fc32
ne-3.3.1-1.fc32
retroarch-1.9.3-1.fc32
rpcbind-1.2.6-0.fc32
rpki-client-7.1-1.fc32
slapi-nis-0.56.7-1.fc32
upx-3.96-9.fc32
Details about builds:
================================================================================
libtirpc-1.2.6-4.rc4.fc32 (FEDORA-2021-53ea50793d)
Transport Independent RPC Library
--------------------------------------------------------------------------------
Update Information:
Updated non-free licenses
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-4.rc4
- Updated non-free licenses (bz 1955239)
* Wed Apr 7 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-3.rc4
- libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1947058)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1955239 - non-free licensed files in libtirpc
https://bugzilla.redhat.com/show_bug.cgi?id=1955239
--------------------------------------------------------------------------------
================================================================================
lmms-1.1.3-17.fc32 (FEDORA-2021-b07c44d2b2)
Linux MultiMedia Studio
--------------------------------------------------------------------------------
Update Information:
Rebuild due to an unannounced soname bump in fluidsynth.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.1.3-17
- Add patches to fix building on F32.
* Fri May 7 2021 Carl George <carl(a)george.computer> - 1.1.3-16
- Rebuilt for fluidsynth soname bump rhbz#1953438
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1953438 - fluidsynth-libs: incompatible upgrade from libfluidsynth.so.1 to libfluidsynth.so.2 (F32)
https://bugzilla.redhat.com/show_bug.cgi?id=1953438
--------------------------------------------------------------------------------
================================================================================
ne-3.3.1-1.fc32 (FEDORA-2021-d5a0ecfed9)
ne, the nice editor
--------------------------------------------------------------------------------
Update Information:
First release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1952927 - Review Request: ne - ne, the nice editor
https://bugzilla.redhat.com/show_bug.cgi?id=1952927
--------------------------------------------------------------------------------
================================================================================
retroarch-1.9.3-1.fc32 (FEDORA-2021-1acc306095)
Cross-platform, sophisticated frontend for the libretro API.
--------------------------------------------------------------------------------
Update Information:
Update to 1.9.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 15 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.9.3-1
- build(update): 1.9.3
--------------------------------------------------------------------------------
================================================================================
rpcbind-1.2.6-0.fc32 (FEDORA-2021-4fa5160678)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream release: rpcbind-1_2_6
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 17 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-0
- Updated to latest upstream release: rpcbind-1_2_6 (bz 1959127)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1959127 - rpcbind-1.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1959127
--------------------------------------------------------------------------------
================================================================================
rpki-client-7.1-1.fc32 (FEDORA-2021-0965639ccd)
RPKI validator to support BGP Origin Validation
--------------------------------------------------------------------------------
Update Information:
rpki-client 7.1 =============== * Add keep-alive support to the HTTP client
code for RRDP * Reference-count and delete unused files synced via RRDP, as far
as possible * In the JSON output, change the AS Number from a string ("AS123")
to an integer ("123") to make processing of the output easier * Add an
`expires` column to CSV & JSON output, based on certificate and CRL validity
times. The `expires` value can be used to avoid route selection based on stale
data when generating VRP sets, when faced with loss of communication between
consumer and valdiator, or validator and CA repository * Make the runtime
timeout (`-s` option) also triggers in child processes * Improved RRDP support,
upstream encourages testing of RRDP with the `-r` option so that RRDP can be
enabled by default in a future release; please report any RRDP issues found, if
possible, directly to upstream In the portable version, * Improve support for
older libressl versions (although the latest stable release is recommended) *
Add missing compat headers in release packages so they build on Alpine Linux and
macOS
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Robert Scheck <robert(a)fedoraproject.org> 7.1-1
- Upgrade to 7.1 (#1961870)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961870 - rpki-client-7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1961870
--------------------------------------------------------------------------------
================================================================================
slapi-nis-0.56.7-1.fc32 (FEDORA-2021-f6cbdada86)
NIS Server and Schema Compatibility plugins for Directory Server
--------------------------------------------------------------------------------
Update Information:
CVE-2021-3480: invalid BIND DN crash
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Alexander Bokovoy <abokovoy(a)redhat.com> - 0.56.7-1
- CVE-2021-3480: invalid bind DN crash
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961157 - CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially crafted Binding DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961157
--------------------------------------------------------------------------------
================================================================================
upx-3.96-9.fc32 (FEDORA-2021-09b10922eb)
Ultimate Packer for eXecutables
--------------------------------------------------------------------------------
Update Information:
Patch for CVE-2020-24119.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 3.96-9
- Patch for CVE-2020-24119
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961592 - CVE-2020-24119 upx: heap buffer overflow in p_lx_elf.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961592
--------------------------------------------------------------------------------
2 years, 11 months