The following Fedora 33 Security updates need testing: Age URL 61 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-4.fc33 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3f8d6016c9 polkit-0.117-2.fc33.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3cf08ffe38 dino-0.1.2-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-598dbab9a9 microcode_ctl-2.1-43.2.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-754af4d52b isync-1.4.2-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-993693c914 xen-4.14.2-2.fc33 0 https://bodhi.fedoraproject.org/updates/FEDORA-2021-99ca984f32 dogtag-pki-10.10.6-1.fc33 pki-core-10.10.6-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved: Age URL 79 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb PackageKit-1.2.3-1.fc33 15 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33 libreport-2.15.1-1.fc33 satyr-0.37-2.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-a963f18434 libedit-3.1-37.20210522cvs.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-60d664e252 cryptsetup-2.3.6-1.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-38972822f4 elfutils-0.185-2.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-b950000d2b libxml2-2.9.12-4.fc33 10 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e2de9e9e55 selinux-policy-3.14.6-38.fc33 10 https://bodhi.fedoraproject.org/updates/FEDORA-2021-bd6d71d113 osinfo-db-20210531-1.fc33 9 https://bodhi.fedoraproject.org/updates/FEDORA-2021-0efb251919 mtools-4.0.29-1.fc33 9 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4bf6df75a0 net-snmp-5.9.1-2.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-65c3388877 gjs-1.66.2-6.fc33 mozjs78-78.11.0-1.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-d9ea48fdbb lorax-33.11-1.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-6ed512f48f adwaita-qt-1.3.1-1.fc33 qgnomeplatform-0.8.0-1.fc33 qt5-qtwayland-5.15.2-7.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5095433f1e hwdata-0.348-1.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-fa2ef886a2 mariadb-connector-c-3.1.13-1.fc33 6 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3f8d6016c9 polkit-0.117-2.fc33.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-3ddd31eb34 abrt-2.14.6-3.fc33 abrt-java-connector-1.2.0-7.fc33 gnome-abrt-1.3.6-7.fc33 libreport-2.15.2-2.fc33 reportd-0.7.4-10.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8155341fed thunderbird-78.11.0-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-01c16188fe coreutils-8.32-19.fc33
The following builds have been pushed to Fedora 33 updates-testing
audit-3.0.2-1.fc33 beakerlib-libraries-0.7-1.fc33 bemenu-0.6.2-1.fc33 butane-0.12.1-1.fc33 composer-2.1.3-1.fc33 container-selinux-2.162.2-2.fc33 containernetworking-plugins-1.0.0-0.2.rc1.fc33 containers-common-1-17.fc33 crun-0.20.1-1.fc33 dotnet5.0-5.0.204-1.fc33 dracut-055-2.fc33 freeipa-healthcheck-0.9-1.fc33 galera-26.4.8-1.fc33 golang-github-containerd-fuse-overlayfs-snapshotter-1.0.2-3.fc33 hplip-3.21.2-5.fc33 iaito-5.2.2-2.fc33 java-1.8.0-openjdk-1.8.0.292.b10-4.fc33 kernel-5.12.10-200.fc33 kernel-tools-5.12.10-200.fc33 leptonica-1.81.0-1.fc33 libxcrypt-4.4.22-2.fc33 maui-mauikit-1.2.2-1.fc33 mdevctl-0.81-1.fc33 mingw-leptonica-1.81.0-1.fc33 mosquitto-1.6.15-1.fc33 nordugrid-arc-6.12.0-1.fc33 pam-1.4.0-11.fc33 php-pecl-igbinary-3.2.3-1.fc33 podman-3.2.0-5.fc33 python-fabric-2.6.0-1.fc33 radare2-5.3.0-1.fc33 udftools-2.3-1.fc33 urw-base35-fonts-20200910-5.fc33 wireshark-3.4.6-1.fc33 youtube-dl-2021.06.06-1.fc33
Details about builds:
================================================================================ audit-3.0.2-1.fc33 (FEDORA-2021-498d277506) User space tools for kernel auditing -------------------------------------------------------------------------------- Update Information:
This release updates the syscall tables to the 5.12 kernel, has a big documentation cleanup, and has a big update to the auparse normalizer results. There are various issues found by static analysis cleaned up. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Steve Grubb sgrubb@redhat.com 3.0.2-1 - New upstream feature and bugfix release * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 3.0.1-3 - Rebuilt for Python 3.10 --------------------------------------------------------------------------------
================================================================================ beakerlib-libraries-0.7-1.fc33 (FEDORA-2021-b7aa29d792) Beakerlib libraries -------------------------------------------------------------------------------- Update Information:
Update to 0.7 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Andrei Stepanov astepano@redhat.com - 0.7-1 - Build with the latest merged PRs. --------------------------------------------------------------------------------
================================================================================ bemenu-0.6.2-1.fc33 (FEDORA-2021-e73f04cfe1) Dynamic menu library and client program inspired by dmenu -------------------------------------------------------------------------------- Update Information:
Upgrade to version 0.6.2. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Jan Stan��k jstanek@redhat.com - 0.6.2-1 - Upgrade to version 0.6.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1970087 - bemenu-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1970087 --------------------------------------------------------------------------------
================================================================================ butane-0.12.1-1.fc33 (FEDORA-2021-d0cf2e2a4a) Butane config transpiler -------------------------------------------------------------------------------- Update Information:
New upstream release. See [upstream release notes](https://github.com/coreos/butane/blob/v0.12.1/NEWS). -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Benjamin Gilbert bgilbert@redhat.com - 0.12.1-1 - New release * Tue Jun 8 2021 Sohan Kunkerkar skunkerk@redhat.com - 0.12.0-1 - New release --------------------------------------------------------------------------------
================================================================================ composer-2.1.3-1.fc33 (FEDORA-2021-8c1a8baf43) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information:
**Version 2.1.3** - 2021-06-09 * Add "symlink" option for "bin-compat" config to force symlinking even on WSL/Windows (#9959) * Fixed source binaries not being made executable when symlinks cannot be used (#9961) * Fixed more deletion edge cases (#9955, #9956) * Fixed `dump-autoload` command not dispatching scripts anymore, regressed in 2.1.2 (#9954) ---- **Version 2.1.2** - 2021-06-07 * Added `--dev` to `dump-autoload` command to allow force-dumping dev autoload rules even if dev requirements are not present (#9946) * Fixed `--no-scripts` disabling events for plugins too instead of only disabling script handlers, using `--no-plugins` is the way to disable plugins (#9942) * Fixed handling of deletions during package installs on some filesystems (#9945, #9947) * Fixed undefined array access when using "@php <absolute path>" in a script handler (#9943) * Fixed usage of InstalledVersions when loaded from composer/composer installed as a dependency and runtime Composer is v1 (#9937) ---- **Version 2.1.1** - 2021-06-04 * Fixed regression in autoload generation when --no-scripts is used (#9935) * Fixed `outdated` color legend to have the right color in the right place (#9939) * Fixed PCRE bug causing a previously valid pattern to fail to match (#9941) * Fixed JsonFile::validateSchema regression when used as a library to validate custom schema files (#9938) ---- **Version 2.1.0** - 2021-06-03 * Fixed PHP 8.1 deprecation warning (#9932) * Fixed env var handling when variables_order includes E and symfony/console 3.3.15+ is in use (#9930) ---- **Version 2.1.0-RC1** - 2021-06-02 * Bumped `composer-runtime-api` and `composer-plugin-api` to `2.1.0` * UX Change: The default install method for packages is now always dist/zip, even for dev packages, added `--prefer- install=auto` if you want the old behavior (#9603) * UX Change: Packages from `path` repositories which are symlinked in the vendor dir will always be updated in partial updates to avoid mistakes when the original composer.json changes but the symlinked package is not explicitly updated (#9765) * Added `reinstall` command that takes one or more package names, including wildcard (`*`) support, and removes then reinstalls them in the exact same version they had (#9915) * Added support for parallel package installs on Windows via [7-Zip](https://www.7-zip.org/) if it is installed (#9875) * Added detection of invalid composer.lock files that do not fullfil the composer.json requirements to `validate` command (#9899) * Added `InstalledVersions::getInstalledPackagesByType(string $type)` to retrieve installed plugins for example, [read more](https://getcomposer.org/doc/07-runtime.md#knowing-which-packages-of-a- given-type-are-installed) (#9699) * Added `InstalledVersions::getInstalledPath(string $packageName)` to retrieve the install path of a given package, [read more](https://getcomposer.org/doc/07-runtime.md#knowing-the-path-in-which-a- package-is-installed) (#9699) * Added flag to `InstalledVersions::isInstalled()` to allow excluding dev requirements from that check (#9682) * Added support for PHP 8.1 enums in autoloader / classmap generation (#9670) * Added support for using `@php binary-name foo` in scripts to refer to a binary without using its full path, but forcing to use the same PHP version as Composer used (#9726) * Added `--format=json` support to the `fund` command (#9678) * Added `--format=json` support to the `search` command (#9747) * Added `COMPOSER_DEV_MODE` env var definition within the run-script command for compatibility (#9793) * Added async uninstall of packages (#9618) * Added color legend to `outdated` and `show --latest` commands (#9716) * Added `secure-svn-domains` config option to mark secure svn:// hostnames and suppress warnings without disabling secure-http (#9872) * Added `gitlab- protocol` config option to allow forcing `git` or `http` URLs for all gitlab repos loaded inline, instead of the default of git for private and http for public (#9401) * Added generation of autoload rules in `init` command (#9829) * Added source/dist validation in `validate` command * Added automatic detection of WSL when generating binaries and use `bin-compat:full` implicitly (#9855) * Added automatic detection of the --no-dev state for `dump-autoload` based on the last install run (#9714) * Added warning/prompt to `require` command if requiring a package that already exists in require-dev or vice versa (#9542) * Added information about package conflicts in the `why`/`why-not` commands (#9693) * Removed version argument from `why` command as it was not needed (#9729) * Fixed `why-not` command to always require a specific version as it is useless without (#9729) * Fixed cache dir on macOS to follow OS guidelines, it is now in ~/Library/Caches/composer (#9898) * Fixed composer.json JSON schema to avoid having name/description required by default (#9912) * Fixed support for running inside WSL paths from a Windows PHP/Composer (#9861) * Fixed InstalledVersions to include the original doc blocks when installed from a Composer phar file * Fixed `require` command to use `*` as constraint for extensions bundled with PHP instead of duplicating the PHP constraint (#9483) * Fixed `search` output to be aligned and avoid wrapped long lines to be more readable (#9455) * Error output improvements for many cases (#9876, #9837, #9928, and some smaller improvements) ---- **Version 2.0.14** - 2021-05-21 * Updated composer/xdebug-handler to 2.0 which adds supports for Xdebug 3 * Fixed handling of inline-update-constraints with references or stability flags (#9847) * Fixed async processes erroring in an unclear way when they failed to start (#9808) * Fixed support for the upcoming Symfony 6.0 release when Composer is installed as a library (#9896) * Fixed progress output missing newlines on PowerShell, and disable progress output by default when CI env var is present (#9621) * Fixed support for Vagrant/VirtualBox filesystem slowness when installing binaries from packages (#9627) * Fixed type annotations for the InstalledVersions class * Deprecated InstalledVersions::getRawData in favor of InstalledVersions::getAllRawData (#9816) ---- **RPM** specific changes: * disable partial XDG directory support * fix Composer\InstalledVersions RPM installation -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Remi Collet remi@remirepo.net - 2.1.3-1 - update to 2.1.3 * Mon Jun 7 2021 Remi Collet remi@remirepo.net - 2.1.2-1 - update to 2.1.2 * Mon Jun 7 2021 Remi Collet remi@remirepo.net - 2.1.1-2 - fix Composer\InstalledVersions RPM installation * Fri Jun 4 2021 Remi Collet remi@remirepo.net - 2.1.1-1 - update to 2.1.1 * Thu Jun 3 2021 Remi Collet remi@remirepo.net - 2.1.0-1 - update to 2.1.0 * Mon May 31 2021 Remi Collet remi@remirepo.net - 2.0.14-2 - disable XDG directories usage, see #1955455 * Sat May 22 2021 Remi Collet remi@remirepo.net - 2.0.14-1 - update to 2.0.14 - switch to composer/xdebug-handler v2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1955455 - "global" directory added to path not correct https://bugzilla.redhat.com/show_bug.cgi?id=1955455 --------------------------------------------------------------------------------
================================================================================ container-selinux-2.162.2-2.fc33 (FEDORA-2021-0c53d8738d) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information:
include podman-machine-cni in podman-plugins subpackage ---- autobuilt v3.2.0 ---- Autobuilt v3.2.0-rc3 ---- autobuilt v3.2.0-rc2 ---- bump to 0.20 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Dan Walsh dwalsh@fedoraproject.org - 2:2.162.1-2 - Add lockdown.patch to remove lockdown access allow rules, since - selinux policy in f33 does not understand it yet. * Wed May 26 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 2:2.162.2-1 - autobuilt v2.162.2 * Mon May 17 2021 Dan Walsh dwalsh@fedoraproject.org - 2:2.162.1-1 - Fix labels in users homedirs, before overlayfs is supported by default for non root users * Tue May 11 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 2:2.162.0-1 - autobuilt v2.162.0 * Fri May 7 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 2:2.161.1-1 - autobuilt v2.161.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1962008 - [podman][systemd] /usr/lib/systemd/system/cni-dhcp.service wrong executable https://bugzilla.redhat.com/show_bug.cgi?id=1962008 --------------------------------------------------------------------------------
================================================================================ containernetworking-plugins-1.0.0-0.2.rc1.fc33 (FEDORA-2021-0c53d8738d) Libraries for writing CNI plugin -------------------------------------------------------------------------------- Update Information:
include podman-machine-cni in podman-plugins subpackage ---- autobuilt v3.2.0 ---- Autobuilt v3.2.0-rc3 ---- autobuilt v3.2.0-rc2 ---- bump to 0.20 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 7 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 1.0.0-0.2.rc1 - Resolves: #1962008 - use correct plugin path in unitfile -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1962008 - [podman][systemd] /usr/lib/systemd/system/cni-dhcp.service wrong executable https://bugzilla.redhat.com/show_bug.cgi?id=1962008 --------------------------------------------------------------------------------
================================================================================ containers-common-1-17.fc33 (FEDORA-2021-0c53d8738d) Common configuration and documentation for containers -------------------------------------------------------------------------------- Update Information:
include podman-machine-cni in podman-plugins subpackage ---- autobuilt v3.2.0 ---- Autobuilt v3.2.0-rc3 ---- autobuilt v3.2.0-rc2 ---- bump to 0.20 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 4:1-17 - use configs from latest upstream tags -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1962008 - [podman][systemd] /usr/lib/systemd/system/cni-dhcp.service wrong executable https://bugzilla.redhat.com/show_bug.cgi?id=1962008 --------------------------------------------------------------------------------
================================================================================ crun-0.20.1-1.fc33 (FEDORA-2021-0c53d8738d) OCI runtime written in C -------------------------------------------------------------------------------- Update Information:
include podman-machine-cni in podman-plugins subpackage ---- autobuilt v3.2.0 ---- Autobuilt v3.2.0-rc3 ---- autobuilt v3.2.0-rc2 ---- bump to 0.20 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 0.20.1-1 - Fixes: https://github.com/containers/crun/issues/687 * Wed Jun 2 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 0.20-1 - bump to 0.20 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1962008 - [podman][systemd] /usr/lib/systemd/system/cni-dhcp.service wrong executable https://bugzilla.redhat.com/show_bug.cgi?id=1962008 --------------------------------------------------------------------------------
================================================================================ dotnet5.0-5.0.204-1.fc33 (FEDORA-2021-4b3fc547fe) .NET Runtime and SDK -------------------------------------------------------------------------------- Update Information:
This is the .NET 5.0 update for June 2021. It includes a fix for CVE-2021-31957: ASP.NET Denial of Service Vulnerability -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Omair Majid omajid@redhat.com - 5.0.204-1 - Update to .NET SDK 5.0.204 and Runtime 5.0.7 --------------------------------------------------------------------------------
================================================================================ dracut-055-2.fc33 (FEDORA-2021-b02a75816e) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information:
- version 055 - install the missing fsck utils - do not include bluetooth module by default (workaround #1964879) ---- - fix `get_maj_min` for kdump - suppress hardlink output - sane default --kerneldir for dracut-install - squash: don't mount the mount points if already mounted ---- fix `dracut-dev-lib.sh: line 92: str_replace: command not found` ---- * version 054 - https://github.com/dracutdevs/dracut/releases/tag/054 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Adam Williamson awilliam@redhat.com - 055-2 - Never include bluetooth module by default (rhbz 1964879) (workaround) * Thu May 27 2021 Harald Hoyer harald@redhat.com - 055-1 - version 055 - install the missing fsck utils * Fri May 21 2021 Harald Hoyer harald@redhat.com - 054-12.git20210521 - fix `get_maj_min` for kdump - suppress hardlink output - sane default --kerneldir for dracut-install - squash: don't mount the mount points if already mounted * Tue May 18 2021 Harald Hoyer harald@redhat.com - 054-6.git20210518 - fix for `str_replace: command not found` * Mon May 17 2021 Harald Hoyer harald@redhat.com - 054-4.git20210517 - version 054 * Thu Apr 22 2021 Peter Robinson pbrobinson@fedoraproject.org - 053-5 - Backport: fix(90kernel-modules): add watchdog drivers for generic initrd (rhbz 1592148) * Mon Apr 19 2021 Dusty Mabe dusty@dustymabe.com - 053-4 - Backport: fix(dracut-logger.sh): double dash trigger unknown logger warnings during run - Backport: fix(network-manager): nm-run.service: don't kill forked processes - Backport: fix(network-manager): only run NetworkManager if rd.neednet=1 - Backport: fix(network-manager): use /run/NetworkManager/initrd/neednet in initqueue * Mon Apr 19 2021 Adam Williamson awilliam@redhat.com - 053-3 - Fix removal of key system files when kdump enabled (thanks kasong) (#1936781) * Thu Apr 8 2021 Adam Williamson awilliam@redhat.com - 053-2 - Backport upstream change reported to fix boot on some encrypted LVM setups (#1946074) * Tue Feb 23 2021 Harald Hoyer harald@redhat.com - 053-1 - version 053 * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 051-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Tue Dec 15 2020 Harald Hoyer harald@redhat.com - 051-1 - version 051 --------------------------------------------------------------------------------
================================================================================ freeipa-healthcheck-0.9-1.fc33 (FEDORA-2021-e11f6115c7) Health check tool for FreeIPA -------------------------------------------------------------------------------- Update Information:
Update to upstream 0.9 * Add service dependencies to more checks so they are skipped if dependent services are not running * Filter out the pki healthcheck sources if IPA CA is not installed * Don't collect the CRLManager role if the CA is not configured * Drop or replace print statements which were polluting stdout/stderr with lines that should have been logged instead * Add service log files to those tracked by the FileCheck for owner/group/perms/mode * Check for mismatches in certificates between LDAP and the system * Fix the --debug option which was being reset internally back to WARN * Add check for KRA Agent to compare the certificate with LDAP, similar to RA Agent check * For human output display a message when no issues are found instead of an empty list [] * Check for a host certificate to avoid a false positive tracking * Add compatibility for python 3.10 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 8 2021 Rob Crittenden rcritten@redhat.com - 0.9-1 - Update to upstream 0.9 --------------------------------------------------------------------------------
================================================================================ galera-26.4.8-1.fc33 (FEDORA-2021-6a9b3cf880) Synchronous multi-master wsrep provider (replication engine) -------------------------------------------------------------------------------- Update Information:
**Galera 26.4.8** -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 3 2021 Lukas Javorsky ljavorsk@redhat.com - 26.4.8-1 - Rebase to 26.4.8 * Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 26.4.7-2 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1959484 - FTBFS: galera 26.4.8; galera-25.3.33 https://bugzilla.redhat.com/show_bug.cgi?id=1959484 --------------------------------------------------------------------------------
================================================================================ golang-github-containerd-fuse-overlayfs-snapshotter-1.0.2-3.fc33 (FEDORA-2021-6fbcd6dae1) Fuse-overlayfs plugin for rootless containerd -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ hplip-3.21.2-5.fc33 (FEDORA-2021-1ed70c53d6) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information:
track hplip-repack.sh as source, to have it in srpm ---- remove redundant files -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Zdenek Dohnal zdohnal@redhat.com - 3.21.2-5 - track hplip-repack.sh as source, to have it in srpm * Wed Jun 9 2021 Zdenek Dohnal zdohnal@redhat.com - 3.21.2-4 - remove redundant files * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 3.21.2-3 - Rebuilt for Python 3.10 --------------------------------------------------------------------------------
================================================================================ iaito-5.2.2-2.fc33 (FEDORA-2021-c8951be320) GUI for radare2 reverse engineering framework -------------------------------------------------------------------------------- Update Information:
bump to radare2 5.3.0 fixes CVE-2021-32613 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Michal Ambroz <rebus _AT seznam.cz> - 5.2.2-2 - rebuild with radare2 5.3.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1959940 - CVE-2021-32613 radare2: double free in pyc parse via creafted file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1959940 [ 2 ] Bug #1966400 - radare2-5.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1966400 --------------------------------------------------------------------------------
================================================================================ java-1.8.0-openjdk-1.8.0.292.b10-4.fc33 (FEDORA-2021-2dbede31eb) OpenJDK 8 Runtime Environment -------------------------------------------------------------------------------- Update Information:
FIPS Support for OpenJDK on Fedora ============================== This update allows OpenJDK to operate using a single FIPS security provider (PKCS11 using NSS) when the system is detected to be in FIPS mode. At present, this is when the FIPS crypto policy is enabled, but we intend to change this to query the NSS library in our next update. This change has been in RHEL 8 for some time and is now available to Fedora users as well. FIPS mode can be disabled for OpenJDK using the property `-Dcom.redhat.fips=false`. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 7 2021 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.302.b03-0.1.ea - Backport FIPS mode patch (RH1655466) to java-1.8.0-openjdk, simplifying provider removal. - nss.fips.cfg needs to be moved to %{etcjavadir} and symlinked into the JDK, like nss.cfg - SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file. - Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg. - Disable FIPS mode support unless com.redhat.fips is set to "true". - Add JDK-8195607/PR3776 to support NSS SQLite databases. - Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable). - Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1906862) - Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode * Mon Jun 7 2021 Martin Balao mbalao@redhat.com - 1:1.8.0.302.b03-0.1.ea - Support the FIPS mode crypto policy on RHEL 8 (RH1655466) - Use appropriate keystore types when in FIPS mode (RH1760838) - Disable TLSv1.3 when using the NSS-FIPS provider (RH1860986) * Mon May 10 2021 Jiri Vanek jvanek@redhat.com - 1:1.8.0.292.b10-3 - removed cjc backward comaptiblity, to fix when both rpm 4.16 and 4.17 are in transaction * Mon May 3 2021 S��rgio Basto sergio@serjux.com - 1:1.8.0.292.b10-2 - Fix upgrade path after removal of accessibility subpackage. As main accessibility was requiring main package, main package now have to obsolete java-1.8.0-openjdk-accessibility-{release, slowdebug, fastdebug} < 1:1.8.0.292.b06 otherwise update fails --------------------------------------------------------------------------------
================================================================================ kernel-5.12.10-200.fc33 (FEDORA-2021-db2bb87f35) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.12.10 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Justin M. Forbes jforbes@fedoraproject.org [5.12.10-0] - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl() https://bugzilla.redhat.com/show_bug.cgi?id=1966578 [ 2 ] Bug #1968057 - CVE-2021-3587 kernel: nfc: Null pointer dereference in llcp_sock_getname https://bugzilla.redhat.com/show_bug.cgi?id=1968057 --------------------------------------------------------------------------------
================================================================================ kernel-tools-5.12.10-200.fc33 (FEDORA-2021-db2bb87f35) Assortment of tools for the Linux kernel -------------------------------------------------------------------------------- Update Information:
The 5.12.10 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Justin M. Forbes jforbes@fedoraproject.org - 5.12.10-200 - Linux v5.12.10 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl() https://bugzilla.redhat.com/show_bug.cgi?id=1966578 [ 2 ] Bug #1968057 - CVE-2021-3587 kernel: nfc: Null pointer dereference in llcp_sock_getname https://bugzilla.redhat.com/show_bug.cgi?id=1968057 --------------------------------------------------------------------------------
================================================================================ leptonica-1.81.0-1.fc33 (FEDORA-2021-a55c38199e) C library for efficient image processing and image analysis operations -------------------------------------------------------------------------------- Update Information:
Update to leptonica-1.81.0, see http://leptonica.org/source/version-notes.html for details. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 7 2021 Sandro Mani manisandro@gmail.com - 1.81.0-1 - Update to 1.81.0 --------------------------------------------------------------------------------
================================================================================ libxcrypt-4.4.22-2.fc33 (FEDORA-2021-fed63bd217) Extended crypt library for descrypt, md5crypt, bcrypt, and others -------------------------------------------------------------------------------- Update Information:
###libxcrypt: - New upstream release. - Add a patch to fix o_size calculation for gensalt_yescrypt_rn. ###pam: - Add a patch to not use crypt_checksalt for password expiration. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jun 5 2021 Bj��rn Esser besser82@fedoraproject.org - 4.4.22-2 - Add a patch to fix o_size calculation for gensalt_yescrypt_rn * Thu May 27 2021 Bj��rn Esser besser82@fedoraproject.org - 4.4.22-1 - New upstream release * Wed May 26 2021 Bj��rn Esser besser82@fedoraproject.org - 4.4.21-1 - New upstream release * Wed May 19 2021 Bj��rn Esser besser82@fedoraproject.org - 4.4.20-3 - Run test for glibc compatibility symbols - Run a build with all possible tests enabled -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1965149 - Live images built with libxcrypt 4.4.21 fail to reach login screen https://bugzilla.redhat.com/show_bug.cgi?id=1965149 [ 2 ] Bug #1965345 - out of root access on local system https://bugzilla.redhat.com/show_bug.cgi?id=1965345 [ 3 ] Bug #1967150 - pam_unix(crond:account): expired password for user wwwcron (root enforced) https://bugzilla.redhat.com/show_bug.cgi?id=1967150 --------------------------------------------------------------------------------
================================================================================ maui-mauikit-1.2.2-1.fc33 (FEDORA-2021-43a2db5a5d) Kit for developing Maui Apps -------------------------------------------------------------------------------- Update Information:
``` %changelog * Sun May 09 2021 Onuralp SEZER thunderbirdtr@fedoraproject.org - 1.2.2-1 - initial package ``` -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ mdevctl-0.81-1.fc33 (FEDORA-2021-bfbcb2f265) Mediated device management and persistence utility -------------------------------------------------------------------------------- Update Information:
c077ee72b286 ("Automatic version commit for tag 0.81") -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Alex Williamson alex.williamson@redhat.com - 0.81-1 - c077ee72b286 ("Automatic version commit for tag 0.81") - 4aad72d7a921 ("Merge pull request #37 from fiuczy/fix-define-jsonfile") - e6cf620b4b04 ("Fix define from jsonfile") --------------------------------------------------------------------------------
================================================================================ mingw-leptonica-1.81.0-1.fc33 (FEDORA-2021-a55c38199e) MinGW Windows Leptonica library -------------------------------------------------------------------------------- Update Information:
Update to leptonica-1.81.0, see http://leptonica.org/source/version-notes.html for details. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 7 2021 Sandro Mani manisandro@gmail.com - 1.81.0-1 - Update to 1.81.0 --------------------------------------------------------------------------------
================================================================================ mosquitto-1.6.15-1.fc33 (FEDORA-2021-2ab613b45b) Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information:
Update to 1.6.15 Security If an authenticated client connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur. Affects versions 1.6 to 2.0.10 inclusive. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Peter Robinson pbrobinson@fedoraproject.org - 1.6.15-1 - Update to 1.6.15 --------------------------------------------------------------------------------
================================================================================ nordugrid-arc-6.12.0-1.fc33 (FEDORA-2021-7e5056ffcc) Advanced Resource Connector Middleware -------------------------------------------------------------------------------- Update Information:
ARC 6.12 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 7 2021 Mattias Ellert mattias.ellert@physics.uu.se - 6.12.0-1 - Update to version 6.12.0 * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 6.11.0-2 - Rebuilt for Python 3.10 --------------------------------------------------------------------------------
================================================================================ pam-1.4.0-11.fc33 (FEDORA-2021-fed63bd217) An extensible library which provides authentication for applications -------------------------------------------------------------------------------- Update Information:
###libxcrypt: - New upstream release. - Add a patch to fix o_size calculation for gensalt_yescrypt_rn. ###pam: - Add a patch to not use crypt_checksalt for password expiration. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Bj��rn Esser besser82@fedoraproject.org - 1.4.0-11 - Add a patch to not use crypt_checksalt for password expiration Resolves: #1965345, #1967150 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1965149 - Live images built with libxcrypt 4.4.21 fail to reach login screen https://bugzilla.redhat.com/show_bug.cgi?id=1965149 [ 2 ] Bug #1965345 - out of root access on local system https://bugzilla.redhat.com/show_bug.cgi?id=1965345 [ 3 ] Bug #1967150 - pam_unix(crond:account): expired password for user wwwcron (root enforced) https://bugzilla.redhat.com/show_bug.cgi?id=1967150 --------------------------------------------------------------------------------
================================================================================ php-pecl-igbinary-3.2.3-1.fc33 (FEDORA-2021-e52594f6c5) Replacement for the standard PHP serializer -------------------------------------------------------------------------------- Update Information:
**Version 3.2.3** * Fix build for php 8.1 after changes to enum internals. * Update tests to suppress deprecations in php 8.1 and support run-tests.php changes in php 8.1 * Don't emit a notice when unserialize_callback_func causes igbinary_unserialize to throw, see PHP bug php#81118 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Remi Collet remi@remirepo.net - 3.2.3-1 - update to 3.2.3 --------------------------------------------------------------------------------
================================================================================ podman-3.2.0-5.fc33 (FEDORA-2021-0c53d8738d) Manage Pods, Containers and Container Images -------------------------------------------------------------------------------- Update Information:
include podman-machine-cni in podman-plugins subpackage ---- autobuilt v3.2.0 ---- Autobuilt v3.2.0-rc3 ---- autobuilt v3.2.0-rc2 ---- bump to 0.20 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 3:3.2.0-5 - fix crun dependency issue * Wed Jun 9 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 3:3.2.0-4 - use latest containers-common * Tue Jun 8 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 3:3.2.0-3 - keep crun on 0.19.1-3 * Tue Jun 8 2021 Lokesh Mandvekar lsm5@fedoraproject.org - 3:3.2.0-2 - include podman-machine-cni in podman-plugins subpackage * Fri Jun 4 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 3:3.2.0-1 - autobuilt v3.2.0 * Wed May 26 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 3:3.2.0-0.2.rc3 - autobuilt v3.2.0-rc3 * Fri May 21 2021 RH Container Bot rhcontainerbot@fedoraproject.org - 3:3.2.0-0.1.rc2 - autobuilt v3.2.0-rc2 * Wed May 12 2021 Dusty Mabe dusty@dustymabe.com - 3:3.1.2-3 - Backport upstream bugfix: https://github.com/containers/podman/pull/10253 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1962008 - [podman][systemd] /usr/lib/systemd/system/cni-dhcp.service wrong executable https://bugzilla.redhat.com/show_bug.cgi?id=1962008 --------------------------------------------------------------------------------
================================================================================ python-fabric-2.6.0-1.fc33 (FEDORA-2021-22755a65c6) High level SSH command execution -------------------------------------------------------------------------------- Update Information:
First package for Fedora. ���� -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1967774 - Review Request: python-fabric - High level SSH command execution https://bugzilla.redhat.com/show_bug.cgi?id=1967774 --------------------------------------------------------------------------------
================================================================================ radare2-5.3.0-1.fc33 (FEDORA-2021-c8951be320) The reverse engineering framework -------------------------------------------------------------------------------- Update Information:
bump to radare2 5.3.0 fixes CVE-2021-32613 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Michal Ambroz <rebus at, seznam.cz> 5.3.0-1 - re-enable build for s390x on EPEL8 (libuv should be available for 8.4) - bump to 5.3.0 - remove radare2-5.2.1-meson_rhel8.patch - accepted upstream - remove radare2-5.2.1-xxhash.patch - accepted upstream * Sat May 15 2021 Michal Ambroz <rebus at, seznam.cz> 5.2.1-3 - adding the global plugins directory - for example /usr/lib64/radare2/5.2.1 * Tue May 11 2021 Michal Ambroz <rebus at, seznam.cz> 5.2.1-2 - patch for older version of meson used on EPEL8 - use pkgconfig where possible for BR - use ldconfig_scriptlets only on older platforms - add ExcludeArch for s390x on EPEL8 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1959940 - CVE-2021-32613 radare2: double free in pyc parse via creafted file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1959940 [ 2 ] Bug #1966400 - radare2-5.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1966400 --------------------------------------------------------------------------------
================================================================================ udftools-2.3-1.fc33 (FEDORA-2021-5e17ced5f6) Linux UDF Filesystem userspace utilities -------------------------------------------------------------------------------- Update Information:
Update udftools to 2.3. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Jiri Kucera jkucera@redhat.com - 2.3-1 - Update to 2.3 * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ urw-base35-fonts-20200910-5.fc33 (FEDORA-2021-55f367f8e9) Core Font Set containing 35 freely distributable fonts from (URW)++ -------------------------------------------------------------------------------- Update Information:
Remove definition of D050000L font as fantasy in D050000L.conf file (#1909382) -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 Richard Lescak rlescak@redhat.com 20200910-5 - Remove definition of D050000L font as fantasy in D050000L.conf file (#1909382) * Wed Mar 10 2021 Peter Hutterer peter.hutterer@redhat.com 20200910-4 - Require mkfontscale and mkfontdir directly (#1937125) * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 20200910-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1909382 - Fantasy family font is overwritten by symbolic font https://bugzilla.redhat.com/show_bug.cgi?id=1909382 --------------------------------------------------------------------------------
================================================================================ wireshark-3.4.6-1.fc33 (FEDORA-2021-6b166ab605) Network traffic analyzer -------------------------------------------------------------------------------- Update Information:
New version 3.4.6 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 10 2021 Michal Ruprich mruprich@redhat.com - 1:3.4.6-1 - New version 3.4.6 - Fix for CVE-2021-22207 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1967315 - wireshark-3.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1967315 --------------------------------------------------------------------------------
================================================================================ youtube-dl-2021.06.06-1.fc33 (FEDORA-2021-419c1c8664) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information:
Update to version 2021.06.06 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 9 2021 David Schw��rer davidsch@fedoraproject.org - 2021.06.06-1 - Update to 2021.06.06 * Fri Jun 4 2021 Python Maint python-maint@redhat.com - 2021.05.16-2 - Rebuilt for Python 3.10 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1968159 - youtube-dl-2021.06.06 is available https://bugzilla.redhat.com/show_bug.cgi?id=1968159 --------------------------------------------------------------------------------