The following Fedora 33 Security updates need testing:
Age URL
27
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-be94728b95
exiv2-0.27.3-6.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-77191478ad
python-markdown2-2.4.0-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-96a5dabcfa
mingw-exiv2-0.27.3-5.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6af32bfcd2
mingw-OpenEXR-2.4.1-4.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-89b7823e8c
libopenmpt-0.4.20-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-47f23870ec bind-9.11.31-1.fc33
bind-dyndb-ldap-11.3-7.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7b698513d5
cups-2.3.3op2-5.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a309986711
sympa-6.2.62-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a499f89369 babel-2.8.1-2.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ecf4fed550
php-phpmailer6-6.4.1-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8015a8cdc4 dom4j-2.0.3-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-35d2bb4627
chromium-90.0.4430.93-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-da76643229
hivex-1.3.20-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b8b7829a83
community-mysql-8.0.24-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6f34b7c382 php-7.4.19-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d4c1c98a58
djvulibre-3.5.27-27.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8f13872334
thunderbird-78.10.1-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8b19c99d6a
redis-6.0.13-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
46
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
22
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fcde60f54
xdg-desktop-portal-1.8.1-2.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-56ab6d4bcc
osinfo-db-20210426-1.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6761b1adac
shadow-utils-4.8.1-6.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-988350dcad
poppler-0.90.0-7.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-353ac32f40
xdg-utils-1.1.3-9.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-610deea5b8
pipewire-0.3.26-2.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ea13091639
gnome-software-3.38.2-2.fc33
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-050d4e8def
selinux-policy-3.14.6-37.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d6696fafa9
qt5-qtwayland-5.15.2-6.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-be94728b95
exiv2-0.27.3-6.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9af76fe9fa pungi-4.2.9-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-44402e3dcf
libglvnd-1.3.3-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-44e5c07612 git-2.31.1-3.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-da76643229
hivex-1.3.20-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0387e0bd44
ethtool-5.12-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-070d07ecbd
libxcrypt-4.4.20-2.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8f13872334
thunderbird-78.10.1-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-04e178963a
libmodulemd-2.12.1-1.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2a2982adb3
hwdata-0.347-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-13d768bd1a
firefox-88.0-8.fc33
The following builds have been pushed to Fedora 33 updates-testing
R-vcd-1.4.8-1.fc33
containernetworking-plugins-1.0.0-0.1.rc1.fc33
crun-0.19.1-1.fc33
egl-wayland-1.1.6-3.fc33
epson-inkjet-printer-escpr-1.7.10-1.1lsb3.2.fc33
fcitx5-5.0.8-2.fc33
gnome-terminal-3.38.3-1.fc33
golang-github-mattn-gtk-0-0.2.20200729gitaf2e013.fc33
icewm-2.3.4-1.fc33
jose-11-1.fc33
knot-resolver-5.3.2-1.fc33
octomap-1.9.7-1.fc33
polyml-5.8.2-1.fc33
python-aiohttp-socks-0.6.0-1.fc33
python-impacket-0.9.22-3.fc33
python-poyo-0.5.0-4.fc33
python-requre-0.8.0-1.fc33
xfce4-settings-4.14.4-1.fc33
xorg-x11-drv-nouveau-1.0.17-1.fc33
Details about builds:
================================================================================
R-vcd-1.4.8-1.fc33 (FEDORA-2021-a91186b5a7)
Visualizing categorical data
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1956051 - Review Request: R-vcd - Visualizing categorical data
https://bugzilla.redhat.com/show_bug.cgi?id=1956051
--------------------------------------------------------------------------------
================================================================================
containernetworking-plugins-1.0.0-0.1.rc1.fc33 (FEDORA-2021-55e39f3071)
Libraries for writing CNI plugin
--------------------------------------------------------------------------------
Update Information:
Autobuilt v1.0.0-rc1
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 RH Container Bot <rhcontainerbot(a)fedoraproject.org> -
1.0.0-0.1.rc1
- autobuilt v1.0.0-rc1
--------------------------------------------------------------------------------
================================================================================
crun-0.19.1-1.fc33 (FEDORA-2021-9b33c0f48e)
OCI runtime written in C
--------------------------------------------------------------------------------
Update Information:
Autobuilt 0.19.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 22 2021 Giuseppe Scrivano <gscrivan(a)redhat.com> - 0.19.1-1
- built version 0.19.1
* Tue Apr 13 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 0.19-2
- unversioned Provides: oci-runtime
- runc package will also provide an unversioned Provides: oci-runtime.
- user should pull in runc separately or else it will install crun by default
(alphabetical order)
- similar situation as caddy, httpd, lighttpd and nginx having Provides:
webserver
--------------------------------------------------------------------------------
================================================================================
egl-wayland-1.1.6-3.fc33 (FEDORA-2021-dfc01397a0)
Wayland EGL External Platform library
--------------------------------------------------------------------------------
Update Information:
- Update
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Olivier Fourdan <ofourdan(a)redhat.com> - 1.1.6-3
- Fix EGL stream closing causing a crash in Xwayland with EGLstream
(#1943936, #1949415)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
epson-inkjet-printer-escpr-1.7.10-1.1lsb3.2.fc33 (FEDORA-2021-320ba070b6)
Drivers for Epson inkjet printers
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.10.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 6 2021 Susi Lehtola <jussilehtola(a)fedoraproject.org> -
1:1.7.10-1.1lsb3.2
- Update to 1.7.10.
--------------------------------------------------------------------------------
================================================================================
fcitx5-5.0.8-2.fc33 (FEDORA-2021-a07ff439aa)
Next generation of fcitx
--------------------------------------------------------------------------------
Update Information:
workaround a flatpak problem reported by some users
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Qiyu Yan <yanqiyu(a)fedoraproject.org> - 5.0.8-2
- Workaround a flatpak problem
* Wed May 5 2021 Qiyu Yan <yanqiyu(a)fedoraproject.org> - 5.0.8-1
- Update to 5.0.8 upstream release
--------------------------------------------------------------------------------
================================================================================
gnome-terminal-3.38.3-1.fc33 (FEDORA-2021-2a26a789e4)
Terminal emulator for GNOME
--------------------------------------------------------------------------------
Update Information:
* Update to 3.38.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Debarshi Ray <rishi(a)fedoraproject.org> - 3.38.3-1
- Update to 3.38.3
- Rebase the translations
- Backport yet-to-be-released patches from upstream to avoid translation
conflicts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1884977 - "Open in Terminal" -> new window loses a lot of
environment variables, including $HOME
https://bugzilla.redhat.com/show_bug.cgi?id=1884977
--------------------------------------------------------------------------------
================================================================================
golang-github-mattn-gtk-0-0.2.20200729gitaf2e013.fc33 (FEDORA-2021-e365e6cb85)
Go binding for GTK
--------------------------------------------------------------------------------
Update Information:
Fix dependency on glib2
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
icewm-2.3.4-1.fc33 (FEDORA-2021-290135b33b)
Window manager designed for speed, usability, and consistency
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.4
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.3.4-1
- build(update): 2.3.4
* Fri May 7 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.3.3-2
- build: Drop all custom stuff except default Fedora theme
- build: Drop 'fonts-settings' sub-package
--------------------------------------------------------------------------------
================================================================================
jose-11-1.fc33 (FEDORA-2021-1843061abf)
Tools for JSON Object Signing and Encryption (JOSE)
--------------------------------------------------------------------------------
Update Information:
Update to new jose upstream release, v11.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Sergio Correia <scorreia(a)redhat.com> - 11-1
- Update to new jose upstream release, v11.
--------------------------------------------------------------------------------
================================================================================
knot-resolver-5.3.2-1.fc33 (FEDORA-2021-47be3c546f)
Caching full DNS Resolver
--------------------------------------------------------------------------------
Update Information:
new upstream release 5.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 5.3.2-1
- update to upstream version 5.3.2
--------------------------------------------------------------------------------
================================================================================
octomap-1.9.7-1.fc33 (FEDORA-2021-07e483c87d)
Efficient Probabilistic 3D Mapping Framework Based on Octrees
--------------------------------------------------------------------------------
Update Information:
Update to release 1.9.7 (rhbz#1956597)
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 6 2021 Rich Mattes <richmattes(a)gmail.com> - 1.9.7-1
- Update to release 1.9.7 (rhbz#1956597)
* Mon Feb 22 2021 Rich Mattes <richmattes(a)gmail.com> - 1.9.6-1
- Update to release 1.9.6 (rhbz#1919615)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.5-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1956597 - octomap-1.9.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1956597
--------------------------------------------------------------------------------
================================================================================
polyml-5.8.2-1.fc33 (FEDORA-2021-b1f89e4c3d)
Poly/ML compiler and runtime system
--------------------------------------------------------------------------------
Update Information:
See
https://github.com/polyml/polyml/releases for a list of changes in version
5.8.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 5 2021 Jerry James <loganjerry(a)gmail.com> - 5.8.2-1
- Version 5.8.2
- Add uptream patches 1-3 from the fixes-5.8.2 branch
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.8.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-aiohttp-socks-0.6.0-1.fc33 (FEDORA-2021-5c8c7276e3)
SOCKS proxy connector for aiohttp
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 28 2021 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 0.6.0-1
- Update to 0.6.0
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.5.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1933648 - python-aiohttp-socks-0.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1933648
--------------------------------------------------------------------------------
================================================================================
python-impacket-0.9.22-3.fc33 (FEDORA-2021-888ccfd5b6)
Collection of Python classes providing access to network packets
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-31800 - #1957428, #1957427 - fix path traversal in
smbserver.py ---- Updated to new upstream release 0.9.22
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-3
- fix CVE-2021-31800 - #1957428, #1957427 during 0.9.22 lifecycle
* Sun May 2 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-2
- fix dependencies for EPEL7 as of #1893859
* Wed Apr 14 2021 Michal Ambroz <rebus _AT seznam.cz> - 0.9.22-1
- Updated to new upstream release 0.9.22
- modernize specfile with bconds
- upstream patch for python39 compatibility (needed for FC34+)
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.21-8
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1957426 - CVE-2021-31800 python-impacket: Multiple path traversal
vulnerabilities in smbserver.py
https://bugzilla.redhat.com/show_bug.cgi?id=1957426
--------------------------------------------------------------------------------
================================================================================
python-poyo-0.5.0-4.fc33 (FEDORA-2021-ae7ca01e2c)
A lightweight YAML Parser for Python
--------------------------------------------------------------------------------
Update Information:
fixing missing depency
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Chedi Toueiti <chedi.toueiti(a)gmail.com> - 0.5.0-3
- Added missing dependency
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-requre-0.8.0-1.fc33 (FEDORA-2021-8a90ba3209)
Python library what allows re/store output of various objects for testing
--------------------------------------------------------------------------------
Update Information:
New upstream release: 0.8.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 7 2021 Packit Service <user-cont-team+packit-service(a)redhat.com> -
0.8.0-1
- New decorators for handling temporary files (MkTemp) and directories (MkDTemp) in a more
transparent way.
- The old implementation based on static paths and counter has been deprecated.
* Fri Apr 30 2021 Hunor Csomort��ni <csomh(a)redhat.com> - 0.7.1-1
- Fix a performance issue when detecting cassettes following the old naming format.
--------------------------------------------------------------------------------
================================================================================
xfce4-settings-4.14.4-1.fc33 (FEDORA-2021-0e0f47f6ca)
Settings Manager for Xfce
--------------------------------------------------------------------------------
Update Information:
- Update to 4.14.4
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 6 2021 Mukundan Ragavan <nonamedotc(a)fedoraproject.org> - 4.14.4-1
- Update to 4.14.4
--------------------------------------------------------------------------------
================================================================================
xorg-x11-drv-nouveau-1.0.17-1.fc33 (FEDORA-2021-ac643a7ce9)
Xorg X11 nouveau video driver for NVIDIA graphics chipsets
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.17, fix build
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 6 2021 Lyude Paul <lyude(a)redhat.com> - 1:1.0.17-1
- Update to 1.0.17
- Add patch to workaround build error until 1.0.18 release
* Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:1.0.15-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Nov 5 2020 Peter Hutterer <peter.hutterer(a)redhat.com> - 1:1.0.15-11
- Add BuildRequires for make
--------------------------------------------------------------------------------