The following Fedora 33 Security updates need testing: Age URL 155 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1 15 https://bodhi.fedoraproject.org/updates/FEDORA-2021-372114906d squashfs-tools-4.5-2.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-974adcb4a6 openssl-1.1.1l-1.fc33 12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-232161e4d5 lynx-2.8.9-13.fc33 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4a43cbe0b4 vim-8.2.3404-1.fc33 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-38b51d9fd3 golang-1.15.15-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f53d1bbf50 wordpress-5.8.1-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-fed53cbc7d xen-4.14.2-4.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-60f1d2eba1 kernel-5.13.15-100.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-cd5ee418f6 haproxy-2.2.17-1.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-db6fb33b05 libtpms-0.8.6-0.20210910git7a4d46a119.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-450c33d2a6 firefox-92.0-2.fc33
The following Fedora 33 Critical Path updates have yet to be approved: Age URL 174 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb PackageKit-1.2.3-1.fc33 109 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33 libreport-2.15.1-1.fc33 satyr-0.37-2.fc33 25 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ccf3840ed gnome-shell-3.38.6-1.fc33 mutter-3.38.6-1.fc33 15 https://bodhi.fedoraproject.org/updates/FEDORA-2021-372114906d squashfs-tools-4.5-2.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-974adcb4a6 openssl-1.1.1l-1.fc33 12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-dac2bec579 cracklib-2.9.6-27.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f135b880d1 gnome-software-3.38.2-3.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5326e30d64 hwdata-0.351-1.fc33 10 https://bodhi.fedoraproject.org/updates/FEDORA-2021-9958e15ab2 perl-Digest-1.20-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-7a74c98205 thunderbird-91.1.0-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-60f1d2eba1 kernel-5.13.15-100.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e7c8ba6301 ntfs-3g-2021.8.22-2.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-450c33d2a6 firefox-92.0-2.fc33 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b23a9bea6a ethtool-5.14-1.fc33 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e63926a1bb btrfs-progs-5.14-2.fc33
The following builds have been pushed to Fedora 33 updates-testing
certbot-1.19.0-1.fc33 golang-github-yuin-goldmark-1.4.1-2.fc33 gsequencer-3.11.7-0.fc33 libquotient-0.6.9-1.fc33 mingw-python-pillow-7.2.0-8.fc33 php-doctrine-dbal-2.13.3-1.fc33 python-acme-1.19.0-1.fc33 python-certbot-apache-1.19.0-1.fc33 python-certbot-dns-cloudflare-1.19.0-1.fc33 python-certbot-dns-cloudxns-1.19.0-1.fc33 python-certbot-dns-digitalocean-1.19.0-1.fc33 python-certbot-dns-dnsimple-1.19.0-1.fc33 python-certbot-dns-dnsmadeeasy-1.19.0-1.fc33 python-certbot-dns-gehirn-1.19.0-1.fc33 python-certbot-dns-google-1.19.0-1.fc33 python-certbot-dns-linode-1.19.0-1.fc33 python-certbot-dns-luadns-1.19.0-1.fc33 python-certbot-dns-nsone-1.19.0-1.fc33 python-certbot-dns-ovh-1.19.0-1.fc33 python-certbot-dns-rfc2136-1.19.0-1.fc33 python-certbot-dns-route53-1.19.0-1.fc33 python-certbot-dns-sakuracloud-1.19.0-1.fc33 python-certbot-nginx-1.19.0-1.fc33 python-pillow-7.2.0-8.fc33 python2-pillow-6.2.2-7.fc33
Details about builds:
================================================================================ certbot-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) A free, automated certificate authority client -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002040) * Fri Sep 3 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.18.0-2 - enable "--preconfigured-renewal" also for EPEL8 (#1986205) --------------------------------------------------------------------------------
================================================================================ golang-github-yuin-goldmark-1.4.1-2.fc33 (FEDORA-2021-73f7426a06) Markdown parser written in Go -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.4.1-1 - Update to latest version (#2003469) * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 1.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2003469 - golang-github-yuin-goldmark-1.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2003469 --------------------------------------------------------------------------------
================================================================================ gsequencer-3.11.7-0.fc33 (FEDORA-2021-d818b6d0d3) Audio processing engine -------------------------------------------------------------------------------- Update Information:
updated Source to point to new minor version directory -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Jo��l Kr��hemann jkraehemann@gmail.com 3.11.7-0 - updated Source to point to new minor version directory --------------------------------------------------------------------------------
================================================================================ libquotient-0.6.9-1.fc33 (FEDORA-2021-0c99a14fee) Qt5 library to write cross-platform clients for Matrix -------------------------------------------------------------------------------- Update Information:
Updated to version 0.6.9. -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Vitaly Zaitsev vitaly@easycoding.org - 0.6.9-1 - Updated to version 0.6.9. --------------------------------------------------------------------------------
================================================================================ mingw-python-pillow-7.2.0-8.fc33 (FEDORA-2021-9f020cf155) MinGW Windows Python pillow library -------------------------------------------------------------------------------- Update Information:
Backport patch for CVE-2021-23437. -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Sandro Mani manisandro@gmail.com - 7.2.0-8 - Backport fix for CVE-2021-23437 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2001908 - CVE-2021-23437 mingw-python-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001908 [ 2 ] Bug #2001909 - CVE-2021-23437 python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001909 [ 3 ] Bug #2001910 - CVE-2021-23437 python2-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001910 --------------------------------------------------------------------------------
================================================================================ php-doctrine-dbal-2.13.3-1.fc33 (FEDORA-2021-e5ad7c2ae3) Doctrine Database Abstraction Layer (DBAL) -------------------------------------------------------------------------------- Update Information:
**Version 2.13.3** Bug Fixes * 4621: Move fix for user provided pdo connection thanks to @bizurkur * 4662: Add ReturnTypeWillChange to PDO implementations thanks to @derrabus Deprecations * 4767: Deprecate SQLAnywhere driver thanks to @derrabus PHP 8.1 * 4736: Don't use null as exception message thanks to @derrabus * 4735: PHP 8.1 compatibility for 2.13 thanks to @derrabus * 4734: Add ReturnTypeWillChange to core interface implementations thanks to @derrabus -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Remi Collet remi@remirepo.net - 2.13.3-1 - update to 2.13.3 * Fri Jul 23 2021 Fedora Release Engineering releng@fedoraproject.org - 2.13.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-acme-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Python library for the ACME protocol -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002035) --------------------------------------------------------------------------------
================================================================================ python-certbot-apache-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) The apache plugin for certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002041) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-cloudflare-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Cloudflare DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002042) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-cloudxns-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) CloudXNS DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002043) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-digitalocean-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) DigitalOcean DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002047) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-dnsimple-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) DNSimple DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002044) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-dnsmadeeasy-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) DNS Made Easy DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002045) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-gehirn-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Gehirn Infrastructure Service DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002046) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-google-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Google Cloud DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002048) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-linode-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Linode DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002049) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-luadns-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) LuaDNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002050) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-nsone-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) NS1 DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002053) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-ovh-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) OVH DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002051) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-rfc2136-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) RFC 2136 DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002054) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-route53-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Route53 DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002052) --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-sakuracloud-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) Sakura Cloud DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002055) --------------------------------------------------------------------------------
================================================================================ python-certbot-nginx-1.19.0-1.fc33 (FEDORA-2021-977d1aed48) The nginx plugin for certbot -------------------------------------------------------------------------------- Update Information:
update to 1.19.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 10 2021 Felix Schwarz fschwarz@fedoraproject.org - 1.19.0-1 - Update to 1.19.0 (#2002056) --------------------------------------------------------------------------------
================================================================================ python-pillow-7.2.0-8.fc33 (FEDORA-2021-9f020cf155) Python image processing library -------------------------------------------------------------------------------- Update Information:
Backport patch for CVE-2021-23437. -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Sandro Mani manisandro@gmail.com - 7.2.0-8 - Backport fix for CVE-2021-23437 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2001908 - CVE-2021-23437 mingw-python-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001908 [ 2 ] Bug #2001909 - CVE-2021-23437 python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001909 [ 3 ] Bug #2001910 - CVE-2021-23437 python2-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001910 --------------------------------------------------------------------------------
================================================================================ python2-pillow-6.2.2-7.fc33 (FEDORA-2021-9f020cf155) Python image processing library -------------------------------------------------------------------------------- Update Information:
Backport patch for CVE-2021-23437. -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 13 2021 Sandro Mani manisandro@gmail.com - 6.2.2-7 - Backport fix for CVE-2021-23437 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2001908 - CVE-2021-23437 mingw-python-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001908 [ 2 ] Bug #2001909 - CVE-2021-23437 python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001909 [ 3 ] Bug #2001910 - CVE-2021-23437 python2-pillow: python-pillow: possible ReDoS via the getrgb function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2001910 --------------------------------------------------------------------------------