The following Fedora 31 Security updates need testing: Age URL 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3813e1317b seamonkey-2.53.4-1.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-20ab468a33 libxml2-2.9.10-4.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e19b87f4f5 grub2-2.02-110.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c1c4cb96d3 singularity-3.6.3-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f30298614a perl-DBI-1.643-3.fc31
The following Fedora 31 Critical Path updates have yet to be approved: Age URL 111 https://bodhi.fedoraproject.org/updates/FEDORA-2020-03e14f6120 dracut-050-61.git20200529.fc31 37 https://bodhi.fedoraproject.org/updates/FEDORA-2020-72bc7df001 libunwind-1.3.1-7.fc31 27 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8f69c7534c iproute-5.4.0-2.fc31 14 https://bodhi.fedoraproject.org/updates/FEDORA-2020-3e29e08254 firefox-80.0.1-2.fc31 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a4a2ad2213 nspr-4.28.0-1.fc31 nss-3.56.0-1.fc31 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-bc09a9568d bluez-5.55-1.fc31 10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c524230d8 binutils-2.32-33.fc31 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8441d0e5ef gnome-software-3.34.2-5.fc31 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-055f21fd38 koji-1.22.1-1.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-20ab468a33 libxml2-2.9.10-4.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-53998c646c breeze-icon-theme-5.73.0-1.fc31 extra-cmake-modules-5.73.0-1.fc31 kf5-5.73.0-1.fc31 kf5-attica-5.73.0-1.fc31 kf5-baloo-5.73.0-1.fc31 kf5-bluez-qt-5.73.0-1.fc31 kf5-frameworkintegration-5.73.0-1.fc31 kf5-kactivities-5.73.0-1.fc31 kf5-kactivities-stats-5.73.0-1.fc31 kf5-kapidox-5.73.0-1.fc31 kf5-karchive-5.73.0-2.fc31 kf5-kauth-5.73.0-1.fc31 kf5-kbookmarks-5.73.0-1.fc31 kf5-kcmutils-5.73.0-1.fc31 kf5-kcodecs-5.73.0-1.fc31 kf5-kcompletion-5.73.0-1.fc31 kf5-kconfig-5.73.0-1.fc31 kf5-kconfigwidgets-5.73.0-1.fc31 kf5-kcoreaddons-5.73.0-1.fc31 kf5-kcrash-5.73.0-1.fc31 kf5-kdbusaddons-5.73.0-1.fc31 kf5-kdeclarative-5.73.0-1.fc31 kf5-kded-5.73.0-1.fc31 kf5-kdelibs4support-5.73.0-1.fc31 kf5-kdesignerplugin-5.73.0-1.fc31 kf5-kdesu-5.73.0-1.fc31 kf5-kdewebkit-5.73.0-1.fc31 kf5-kdnssd-5.73.0-1.fc31 kf5-kdoctools-5.73.0-1.fc31 kf5-kemoticons-5.73.0-1.fc31 kf5-kfilemetadata-5.73.0-1.fc31 kf5-kglobalaccel-5.73.0-1.fc31 kf5-kguiad dons-5.73.0-1.fc31 kf5-kholidays-5.73.0-1.fc31 kf5-khtml-5.73.0-1.fc31 kf5-ki18n-5.73.0-1.fc31 kf5-kiconthemes-5.73.0-1.fc31 kf5-kidletime-5.73.0-1.fc31 kf5-kimageformats-5.73.0-1.fc31 kf5-kinit-5.73.0-1.fc31 kf5-kio-5.73.0-1.fc31 kf5-kirigami2-5.73.0-2.fc31 kf5-kitemmodels-5.73.0-1.fc31 kf5-kitemviews-5.73.0-1.fc31 kf5-kjobwidgets-5.73.0-1.fc31 kf5-kjs-5.73.0-1.fc31 kf5-kjsembed-5.73.0-1.fc31 kf5-kmediaplayer-5.73.0-1.fc31 kf5-knewstuff-5.73.0-1.fc31 kf5-knotifications-5.73.0-1.fc31 kf5-knotifyconfig-5.73.0-1.fc31 kf5-kpackage-5.73.0-1.fc31 kf5-kparts-5.73.0-1.fc31 kf5-kpeople-5.73.0-1.fc31 kf5-kplotting-5.73.0-1.fc31 kf5-kpty-5.73.0-1.fc31 kf5-kquickcharts-5.73.0-1.fc31 kf5-kross-5.73.0-1.fc31 kf5-krunner-5.73.0-1.fc31 kf5-kservice-5.73.0-1.fc31 kf5-ktexteditor-5.73.0-1.fc31 kf5-ktextwidgets-5.73.0-1.fc31 kf5-kunitconversion-5.73.0-1.fc31 kf5-kwallet-5.73.0-1.fc31 kf5-kwayland-5.73.0-1.fc31 kf5-kwidgetsaddons-5.73.0-1.fc31 kf5-kwindowsystem-5.73.0-1.fc31 kf5-kxmlgui-5.73.0-1.fc31 kf5-kxmlrpcclient-5.73.0-1.fc31 kf5-modemmanager-qt-5.73.0-1.fc31 kf5-networkmanager-qt-5.73.0-1.fc31 kf5-plasma-5.73.0-1.fc31 kf5-prison-5.73.0-1.fc31 kf5-purpose-5.73.0-1.fc31 kf5-solid-5.73.0-1.fc31 kf5-sonnet-5.73.0-1.fc31 kf5-syndication-5.73.0-1.fc31 kf5-syntax-highlighting-5.73.0-1.fc31 kf5-threadweaver-5.73.0-1.fc31 oxygen-icon-theme-5.73.0-1.fc31 plasma-wayland-protocols-1.1.1-1.fc31 qqc2-desktop-style-5.73.0-1.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1ce9fdf311 nfs-utils-2.5.1-4.rc4.fc31 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8aacee8a58 usermode-1.112-9.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e19b87f4f5 grub2-2.02-110.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-12d53b8cf7 sudo-1.9.2-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-cff3124992 pcre2-10.35-6.fc31
The following builds have been pushed to Fedora 31 updates-testing
R-ascii-2.4-1.fc31 cups-filters-1.28.2-2.fc31 dnstwist-20200916-1.fc31 fuzza-0.6.0-3.fc31 haskell-platform-2019.2-2.fc31 kernel-5.8.10-100.fc31 libblockdev-2.24-2.fc31 libuv-1.39.0-1.fc31 matio-1.5.18-1.fc31 metamath-0.193-1.fc31 nodejs-12.18.4-1.fc31 perl-OLE-Storage_Lite-0.20-1.fc31 python39-3.9.0~rc2-1.fc31 xtb-6.3.3-1.fc31
Details about builds:
================================================================================ R-ascii-2.4-1.fc31 (FEDORA-2020-9c9408b99f) Export R Objects to Several Markup Languages -------------------------------------------------------------------------------- Update Information:
Update to latest version (#1880019) -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 18 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 2.4-1 - Update to latest version (#1880019) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1880019 - R-ascii-2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1880019 --------------------------------------------------------------------------------
================================================================================ cups-filters-1.28.2-2.fc31 (FEDORA-2020-f053cee377) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information:
1879147 - driverless cannot generate ppd for dns-sd based uris -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Zdenek Dohnal zdohnal@redhat.com - 1.28.2-2 - 1879147 - driverless cannot generate ppd for dns-sd based uris * Tue Sep 15 2020 Zdenek Dohnal zdohnal@redhat.com - 1.28.2-1 - 1.28.2 * Thu Sep 3 2020 Zdenek Dohnal zdohnal@redhat.com - 1.28.1-2 - revert previous commit - systemd-resolved doesn't work with avahi right now because missing link in NetworkManager * Mon Aug 31 2020 Zdenek Dohnal zdohnal@redhat.com - 1.28.1-2 - MDNS resolving should be done by systemd-resolved now -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1879147 - driverless cannot generate ppd for dns-sd based uris https://bugzilla.redhat.com/show_bug.cgi?id=1879147 --------------------------------------------------------------------------------
================================================================================ dnstwist-20200916-1.fc31 (FEDORA-2020-8b61beb9a8) Domain name permutation engine -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release (v20200916) -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 18 2020 Artur Frenszek-Iwicki fedora@svgames.pl - 20200916-1 - Update to latest upstream release --------------------------------------------------------------------------------
================================================================================ fuzza-0.6.0-3.fc31 (FEDORA-2020-9ee656ad5c) TCP fuzzing tool to test for remote buffer overflows -------------------------------------------------------------------------------- Update Information:
Disable dependency generator -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ haskell-platform-2019.2-2.fc31 (FEDORA-2020-f1102bae0c) Standard Haskell distribution -------------------------------------------------------------------------------- Update Information:
- stack requires gcc and gmp-devel - stack also recommends zlib-devel -------------------------------------------------------------------------------- ChangeLog:
* Wed Sep 16 2020 Jens Petersen petersen@redhat.com - 2019.2-2 - stack requires gcc and gmp-devel - stack also recommends zlib-devel --------------------------------------------------------------------------------
================================================================================ kernel-5.8.10-100.fc31 (FEDORA-2020-a3b3084904) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.8.10 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Justin M. Forbes jforbes@fedoraproject.org - 5.8.10-100 - Linux v5.8.10 - Fix (rhbz 1873720 1876997) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1873720 - kernel-5.7.17 and kernel-5.8.4: NFS client can't see files from NFS mount https://bugzilla.redhat.com/show_bug.cgi?id=1873720 [ 2 ] Bug #1876997 - Touchpad detected but pointer doesn't move on screen https://bugzilla.redhat.com/show_bug.cgi?id=1876997 --------------------------------------------------------------------------------
================================================================================ libblockdev-2.24-2.fc31 (FEDORA-2020-0462f60a30) A library for low-level manipulation with block devices -------------------------------------------------------------------------------- Update Information:
exec: Fix setting locale for util calls -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Vojtech Trefny vtrefny@redhat.com - 2.24-2 - exec: Fix setting locale for util calls --------------------------------------------------------------------------------
================================================================================ libuv-1.39.0-1.fc31 (FEDORA-2020-c5ec22e14f) Platform layer for node.js -------------------------------------------------------------------------------- Update Information:
Update to Node.js 12.18.4 September 2020 security release - https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/ -------------------------------------------------------------------------------- ChangeLog:
* Tue Sep 8 2020 Stephen Gallagher sgallagh@redhat.com - 1.39.0-1 - Update to 1.39.0 * Fri Jul 31 2020 Stephen Gallagher sgallagh@redhat.com - 1.38.1-1 - Update to 1.38.1 - https://github.com/libuv/libuv/blob/v1.38.1/ChangeLog * Tue Jul 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1:1.38.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ matio-1.5.18-1.fc31 (FEDORA-2020-6cc434b937) Library for reading/writing Matlab MAT files -------------------------------------------------------------------------------- Update Information:
1.5.18 https://github.com/tbeu/matio/releases/tag/v1.5.18 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Gwyn Ciesla gwync@protonmail.com - 1.5.18-1 - 1.5.18 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1769546 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1769546 [ 2 ] Bug #1769548 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1769548 [ 3 ] Bug #1769550 - CVE-2019-17533 matio: improper null termination in Mat_VarReadNextInfo4 in mat4.c leads to heap-based overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1769550 [ 4 ] Bug #1792008 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792008 [ 5 ] Bug #1792009 - CVE-2019-20019 matio: excessive memory allocation in Mat_VarRead5 in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792009 [ 6 ] Bug #1792295 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792295 [ 7 ] Bug #1792296 - CVE-2019-20020 matio: stack-based buffer overflow in ReadNextStructField in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792296 [ 8 ] Bug #1792301 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792301 [ 9 ] Bug #1792303 - CVE-2019-20018 matio: stack-based buffer overflow in ReadNextCell in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792303 [ 10 ] Bug #1792333 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792333 [ 11 ] Bug #1792336 - CVE-2019-20017 matio: stack-based buffer overflow in Mat_VarReadNextInfo5 in mat5.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792336 [ 12 ] Bug #1794726 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1794726 [ 13 ] Bug #1794727 - CVE-2019-20052 matio: memory leak in Mat_VarCalloc in mat.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1794727 [ 14 ] Bug #1880167 - matio-1.5.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1880167 --------------------------------------------------------------------------------
================================================================================ metamath-0.193-1.fc31 (FEDORA-2020-455922b656) Construct mathematics from basic axioms -------------------------------------------------------------------------------- Update Information:
Changes in version 0.193: - Make the output of /EXTRACT stable in the sense that, with the same <label-list> parameter, extract(extract(file)) = extract(file) except that the date stamp at the top will be updated. (The first extraction even if "*" will usually be different because it discards non- relevant content. Note that the include file directives "$( $[ Begin..." etc. and comments with "$j" are currently discarded.) - Update set.mm to 12 Sep 2020 version -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Jerry James loganjerry@gmail.com - 0.193-1 - Version 0.193 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1878534 - metamath-0.193 is available https://bugzilla.redhat.com/show_bug.cgi?id=1878534 --------------------------------------------------------------------------------
================================================================================ nodejs-12.18.4-1.fc31 (FEDORA-2020-c5ec22e14f) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
Update to Node.js 12.18.4 September 2020 security release - https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/ -------------------------------------------------------------------------------- ChangeLog:
* Wed Sep 16 2020 Stephen Gallagher sgallagh@redhat.com - 1:12.18.4-1 - Update to 12.18.4 --------------------------------------------------------------------------------
================================================================================ perl-OLE-Storage_Lite-0.20-1.fc31 (FEDORA-2020-d3803c370c) Simple Class for OLE document interface -------------------------------------------------------------------------------- Update Information:
This release fixes handling the dates after year 2020. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 6 2020 Petr Pisar ppisar@redhat.com - 0.20-1 - 0.20 bump (CPAN RT#124513) * Mon Oct 7 2019 Paul Howarth paul@city-fan.org - 0.19-27 - Spec tidy-up - Specify all build dependencies - Drop redundant buildroot cleaning in %install section - Don't need to remove empty directories from the buildroot - Simplify find command using -delete - Fix permissions verbosely - Make %files list more explicit - Use tabs consistently --------------------------------------------------------------------------------
================================================================================ python39-3.9.0~rc2-1.fc31 (FEDORA-2020-0249c4a287) Version 3.9 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
This is the second release candidate of Python 3.9 This release, [3.9.0rc2](https://www.python.org/downloads/release/python-390rc2/), is the last preview before the final release of Python 3.9.0 on 2020-10-05. In the mean time, we strongly encourage maintainers of third-party Python projects to prepare their projects for 3.9 compatibility during this phase. As always, report any issues. -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Miro Hron��ok mhroncok@redhat.com - 3.9.0~rc2-1 - Update to 3.9.0rc2 --------------------------------------------------------------------------------
================================================================================ xtb-6.3.3-1.fc31 (FEDORA-2020-24bca545d9) Semiempirical Extended Tight-Binding Program Package -------------------------------------------------------------------------------- Update Information:
Maintenance and bugfix update to version 6.3.3, see full changelog at https://github.com/grimme-lab/xtb/releases/tag/v6.3.3 -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 17 2020 Susi Lehtola jussilehtola@fedoraproject.org - 6.3.3-1 - Update to 6.3.3. * Sun Aug 16 2020 I��aki ��car iucar@fedoraproject.org - 6.3.2-2 - https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager * Wed Aug 5 2020 Susi Lehtola jussilehtola@fedoraproject.org - 6.3.2-1 - Update to 6.3.2. * Sat Aug 1 2020 Fedora Release Engineering releng@fedoraproject.org - 6.3.1-7 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 29 2020 Fedora Release Engineering releng@fedoraproject.org - 6.3.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1880108 - xtb-6.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1880108 --------------------------------------------------------------------------------