The following Fedora 34 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8523af7a88
fossil-2.14.2-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-25c0011e78
golang-1.16.6-1.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-69de7c7ca4
aspell-0.60.8-7.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-36cdab1f8d
ruby-3.0.2-149.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6cf271948a
php-pear-1.10.12-9.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-10d54c261f redis-6.2.5-1.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
107
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-59eb8f096e
rdma-core-36.0-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-71bdebb69f
net-snmp-5.9.1-3.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a3bc99fffc
mtools-4.0.33-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d7077131a7
kde-settings-34.7-2.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-bc56cf7c1f
libidn2-2.3.2-1.fc34
The following builds have been pushed to Fedora 34 updates-testing
buildah-1.21.4-4.fc34
composer-2.1.5-1.fc34
cppcheck-2.5-2.fc34
diffuse-0.6.0-1.fc34
dmlite-1.15.0-6.fc34
dnsmasq-2.85-3.fc34
electrum-4.1.5-1.fc34
goverlay-0.6-1.fc34
igt-gpu-tools-1.26-1.20210723git34ff2cf.fc34
imaptest-20210319-1.fc34
java-1.8.0-openjdk-1.8.0.302.b08-0.fc34
java-11-openjdk-11.0.12.0.7-0.fc34
lynis-3.0.6-1.fc34
matrix-synapse-1.38.1-1.fc34
mozilla-noscript-11.2.10-1.fc34
mrxvt-0.5.3-31.fc34
nsdiff-1.82-1.fc34
osbuild-30-1.fc34
pioneer-20210723-1.fc34
psi-plus-1.5.1550-1.fc34
pyproject-rpm-macros-0-46.fc34
python-aexpect-1.6.2-1.fc34
python-dictdiffer-0.9.0-1.fc34
seamonkey-2.53.8.1-1.fc34
systemd-248.6-1.fc34
webkit2gtk3-2.32.3-1.fc34
Details about builds:
================================================================================
buildah-1.21.4-4.fc34 (FEDORA-2021-440e34200c)
A command line tool used for creating OCI Images
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-3602
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.21.4-4
- ensure consistent version-release and changelog
* Fri Jul 23 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.21.4-1
- bump to v1.21.4
- fix gating test issues
* Thu Jul 22 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.21.3-3
- try fix for copy-release
* Thu Jul 22 2021 Eduardo Santiago <santiago(a)redhat.com> - 1.21.3-2
- Try to deal with new buildah-copy-helper nightmare
* Fri Jul 16 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.21.3-1
- Resolves: #1969264, #1982880 - Security fix for CVE-2021-3602
- bump to v1.21.3
* Wed Jun 30 2021 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 1.21.2-1
- bump to v1.21.2
* Tue Jun 8 2021 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 1.21.1-1
- autobuilt v1.21.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1969264 - CVE-2021-3602 buildah: Host environment variables leaked in build
container when using chroot isolation
https://bugzilla.redhat.com/show_bug.cgi?id=1969264
--------------------------------------------------------------------------------
================================================================================
composer-2.1.5-1.fc34 (FEDORA-2021-a91a776e09)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.1.5** - 2021-07-23 * Fixed `create-project` creating a `php:`
directory in the directory it was executed in (#10020, #10021) * Fixed curl
downloader to respect default_socket_timeout if it is bigger than our default
300s (#10018) ---- **Version 2.1.4** - 2021-07-22 * Fixed PHP 8.1
deprecation warnings (#10008) * Fixed support for working within UNC/WSL paths
on Windows (#9993) * Fixed 7-zip support to also be looked up on Linux/macOS
as 7z or 7zz (#9951) * Fixed repositories' `only`/`exclude` properties to
avoid matching names as sub-strings of full package names (#10001) * Fixed
open_basedir regression from #9855 * Fixed schema errors being reported
incorrectly in some conditions (#9986) * Fixed `archive` command not working
with async archive extraction * Fixed `init` command being able to generate an
invalid composer.json (#9986)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Remi Collet <remi(a)remirepo.net> - 2.1.5-1
- update to 2.1.5
* Thu Jul 22 2021 Remi Collet <remi(a)remirepo.net> - 2.1.4-1
- update to 2.1.4
- raise dependency on justinrainbow/json-schema 5.2.11
--------------------------------------------------------------------------------
================================================================================
cppcheck-2.5-2.fc34 (FEDORA-2021-ad8d7727fb)
Tool for static C/C++ code analysis
--------------------------------------------------------------------------------
Update Information:
Fix Failed to load translation for English (#1983599)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Wolfgang St��ggl <c72578(a)yahoo.de> - 2.5-2
- Fix Failed to load translation for English (#1983599)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1983599 - cppcheck-gui: error dialog during installation: Failed to load
translation for language English
https://bugzilla.redhat.com/show_bug.cgi?id=1983599
--------------------------------------------------------------------------------
================================================================================
diffuse-0.6.0-1.fc34 (FEDORA-2021-6eee2fb37b)
Graphical tool for merging and comparing text files
--------------------------------------------------------------------------------
Update Information:
Packaging of this application is now up to par for inclusion in the default
repos. Upon successfully importing the package, the COPR repository for test
builds will become defunct.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
dmlite-1.15.0-6.fc34 (FEDORA-2021-efc6d373b4)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
Minor bugfixes for 1.15.0 release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Petr Vokac <petr.vokac(a)cern.ch> - 1.15.0-6
- Minor bugfixes
- Puppet modules version updated
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.15.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
dnsmasq-2.85-3.fc34 (FEDORA-2021-6ca42042d1)
A lightweight DHCP/caching DNS server
--------------------------------------------------------------------------------
Update Information:
Just minor issues update: - improve configuration hints for listening on public
facing interface - Reset hostname on libvirt network if another host has
requests the same hostname immediately
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Petr Men����k <pemensik(a)redhat.com> - 2.85-3
- Start before nss-lookup.target, hint modification to listen on IP (#1984618)
* Thu Jul 22 2021 Petr Men����k <pemensik(a)redhat.com> - 2.85-2
- Update lease if hostname is assigned to a new lease (#1978718)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1978718 - The hostname in one of the lease will disappear after libvirtd
restart
https://bugzilla.redhat.com/show_bug.cgi?id=1978718
[ 2 ] Bug #1984618 - dnsmasq fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=1984618
--------------------------------------------------------------------------------
================================================================================
electrum-4.1.5-1.fc34 (FEDORA-2021-286382bea2)
A lightweight Bitcoin Client
--------------------------------------------------------------------------------
Update Information:
Update to version 4.1.5 ---- Relax dependencies to allow usage of the Fedora
versions of qdarkstyle and dnspython
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Henrik Nordstrom <henrik(a)henriknordstrom.net> - 4.1.5-1
- Updated to version 4.1.5
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1985368 - unable to update electrum
https://bugzilla.redhat.com/show_bug.cgi?id=1985368
--------------------------------------------------------------------------------
================================================================================
goverlay-0.6-1.fc34 (FEDORA-2021-565b84131b)
Project that aims to create a Graphical UI to help manage Linux overlays
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.6-1
- build(update): 0.6
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
igt-gpu-tools-1.26-1.20210723git34ff2cf.fc34 (FEDORA-2021-9693dd5175)
Test suite and tools for DRM drivers
--------------------------------------------------------------------------------
Update Information:
New git snapshot: 34ff2cf2bc352dce691593db803389fe0eb2be03
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Lyude Paul <lyude(a)redhat.com> - 1.26-1.20210723git34ff2cf
- New git snapshot
* Thu Jul 15 2021 Lyude Paul <lyude(a)redhat.com> - 1.26-1.20210715gita91b795
- New git snapshot
* Sat Jul 10 2021 Bj��rn Esser <besser82(a)fedoraproject.org> -
1.26-2.20210705gitb24e594
- Rebuild for versioned symbols in json-c
--------------------------------------------------------------------------------
================================================================================
imaptest-20210319-1.fc34 (FEDORA-2021-b1b18214a7)
Generic IMAP server compliancy tester
--------------------------------------------------------------------------------
Update Information:
ImapTest 20210319 ================= * profile: Adjust to settings-parser API
changes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Robert Scheck <robert(a)fedoraproject.org> 20210319-1
- Upgrade to 20210319 (#1940745)
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210305-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.302.b08-0.fc34 (FEDORA-2021-d20d6712bc)
OpenJDK 8 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
# New in release OpenJDK 8u302 (2021-07-20) Live versions of these release
notes can be found at: *
https://bitly.com/openjdk8u302 *
https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u302.txt ##
Security fixes * JDK-8256157: Improve bytecode assembly * JDK-8256491: Better
HTTP transport * JDK-8258432, CVE-2021-2341: Improve file transfers *
JDK-8260453: Improve Font Bounding - JDK-8260960: Signs of jarsigner signing
- JDK-8260967, CVE-2021-2369: Better jar file validation - JDK-8262380:
Enhance XML processing passes - JDK-8262403: Enhanced data transfer -
JDK-8262410: Enhanced rules for zones - JDK-8262477: Enhance String
Conclusions - JDK-8262967: Improve Zip file support - JDK-8264066,
CVE-2021-2388: Enhance compiler validation - JDK-8264079: Improve abstractions
- JDK-8264460: Improve NTLM support ## Major changes * Removed Root
Certificates with 1024-bit Keys * Removed Telia Company's Sonera Class2 CA
certificate * Improve Encoding of TLS Application-Layer Protocol Negotiation
(ALPN) Values * Support for certificate_authorities Extension in TLS
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 16 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.302.b08-0
- Update to aarch64-shenandoah-jdk8u302-b08 (EA)
- Update release notes for 8u302-b08.
- Switch to GA mode for final release.
* Thu Jul 8 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.302.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u302-b07 (EA)
- Update release notes for 8u302-b07.
- Switch to EA mode.
- Use the "reverse" build loop (debug first) as the main and only build loop to
get more diagnostics.
--------------------------------------------------------------------------------
================================================================================
java-11-openjdk-11.0.12.0.7-0.fc34 (FEDORA-2021-4581ccb97d)
OpenJDK 11 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
# New in release OpenJDK 11.0.12 (2021-07-20): Live versions of these release
notes can be found at: *
https://bitly.com/openjdk11012 *
https://builds.shipilev.net/backports-monitor/release-notes-11.0.12.txt ##
Security fixes - JDK-8256157: Improve bytecode assembly - JDK-8256491:
Better HTTP transport - JDK-8258432, CVE-2021-2341: Improve file transfers -
JDK-8260453: Improve Font Bounding - JDK-8260960: Signs of jarsigner signing
- JDK-8260967, CVE-2021-2369: Better jar file validation - JDK-8262380:
Enhance XML processing passes - JDK-8262403: Enhanced data transfer -
JDK-8262410: Enhanced rules for zones - JDK-8262477: Enhance String
Conclusions - JDK-8262967: Improve Zip file support - JDK-8264066,
CVE-2021-2388: Enhance compiler validation - JDK-8264079: Improve abstractions
- JDK-8264460: Improve NTLM support ## Major changes * Customizing PKCS12
keystore Generation * Removed Root Certificates with 1024-bit Keys * Removed
Telia Company's Sonera Class2 CA certificate * Upgraded the Default PKCS12
Encryption and MAC Algorithms * Improve Encoding of TLS Application-Layer
Protocol Negotiation (ALPN) Values * Support for certificate_authorities
Extension
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 13 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:11.0.12.0.7-0
- Update to jdk-11.0.12.0+7
- Update release notes to 11.0.12.0+7
- Switch to GA mode for final release.
* Thu Jul 8 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:11.0.12.0.6-0.0.ea
- Update to jdk-11.0.12.0+6
- Update release notes to 11.0.12.0+6
- Correct bug ID JDK-8264846 to intended ID of JDK-8264848
- Switch to EA mode for 11.0.12 pre-release builds.
- Update ECC patch following JDK-8226374 (bug ID yet to be confirmed)
- Use the "reverse" build loop (debug first) as the main and only build loop to
get more diagnostics.
- Remove restriction on disabling product build, as debug packages no longer have javadoc
packages.
--------------------------------------------------------------------------------
================================================================================
lynis-3.0.6-1.fc34 (FEDORA-2021-b259913369)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
3.0.6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 3.0.6-1
- 3.0.6
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910547 - lynis-3.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1910547
--------------------------------------------------------------------------------
================================================================================
matrix-synapse-1.38.1-1.fc34 (FEDORA-2021-a627cfd31e)
A Matrix reference homeserver written in Python using Twisted
--------------------------------------------------------------------------------
Update Information:
Update to v1.38.1 ---- New upstream release 1.38.0, incorporating a number of
important security fixes. Upstream changelog:
https://github.com/matrix-
org/synapse/blob/v1.38.0/CHANGES.md Upstream upgrade notes:
https://matrix-
org.github.io/synapse/develop/upgrade#upgrading-to-v1380
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Kai A. Hiller <V02460(a)gmail.com> - 1.38.1-1
- Update to v1.38.1
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.38.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sun Jul 18 2021 Dan Callaghan <djc(a)djc.id.au> - 1.38.0-2
- fix startup ordering of synapse.service (RHBZ#1910740)
- relax version requirement for python3-cryptography
* Wed Jul 14 2021 Kai A. Hiller <V02460(a)gmail.com> - 1.38.0-1
- Update to v1.38.0
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1.26.0-3
- Rebuilt for Python 3.10
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 1.26.0-2
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910740 - synapse.service can fail if it starts before postgresql is ready
https://bugzilla.redhat.com/show_bug.cgi?id=1910740
[ 2 ] Bug #1918426 - matrix-synapse-1.38.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1918426
[ 3 ] Bug #1934603 - CVE-2021-21274 matrix-synapse: DoS via .well-known lookups
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1934603
[ 4 ] Bug #1934606 - CVE-2021-21273 matrix-synapse: open redirects on some federation
and push requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1934606
[ 5 ] Bug #1944136 - CVE-2021-21332 matrix-synapse: password reset endpoint is
vulnerable to XSS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1944136
[ 6 ] Bug #1944139 - CVE-2021-21333 matrix-synapse: HTML injection in email and account
expiry notifications [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1944139
[ 7 ] Bug #1949110 - CVE-2021-21393 matrix-synapse: Denial of service (via resource
exhaustion) due to improper input validation on groups/communities endpoints [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1949110
[ 8 ] Bug #1949112 - CVE-2021-21392 matrix-synapse: IP blacklist bypass via
transitional IPv6 addresses on dual-stack networks [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1949112
[ 9 ] Bug #1958801 - CVE-2021-21394 matrix-synapse: missing input validation may cause
excessive use of disk space and memory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1958801
[ 10 ] Bug #1959542 - CVE-2021-29471 matrix-synapse: Denial-of-service when processing
moderate length events [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1959542
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-11.2.10-1.fc34 (FEDORA-2021-f56869f94e)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
v 11.2.10 ============================================================ * Cross-
browser file naming consistency, in spite of version numbering incompatibilities
* [nscl] Fix for potential race conditions on certain page transitions (issue
#205) * Handle exception when accessing `navigator.serviceWorker` on sandboxed
frames
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Dominik Mierzejewski <rpm(a)greysector.net> - 11.2.10-1
- update to 11.2.10 (#1985098)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1985098 - mozilla-noscript-11.2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1985098
--------------------------------------------------------------------------------
================================================================================
mrxvt-0.5.3-31.fc34 (FEDORA-2021-0d3268fc35)
A lightweight multi-tabbed terminal emulator for X
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2021-33477
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.5.3-31
- Patch for CVE-2021-33477 (bug 1961794)
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.5.3-30
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961796 - CVE-2021-33477 mrxvt: rxvt-unicode: possible remote code execution
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961796
--------------------------------------------------------------------------------
================================================================================
nsdiff-1.82-1.fc34 (FEDORA-2021-3240c7af45)
create an "nsupdate" script from DNS zone file differences
--------------------------------------------------------------------------------
Update Information:
- -g option added
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Petr Men����k <pemensik(a)redhat.com> - 1.82-1
- Update to 1.82
--------------------------------------------------------------------------------
================================================================================
osbuild-30-1.fc34 (FEDORA-2021-7b4f26b267)
A build system for OS images
--------------------------------------------------------------------------------
Update Information:
Update osbuild to the latest version (30)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Christian Kellner <christian(a)kellner.me> - 30-1
- Upstream release 30
- Ship osbuild-mpp in new tools sub-package.
- Remove executable bit from schemata files.
--------------------------------------------------------------------------------
================================================================================
pioneer-20210723-1.fc34 (FEDORA-2021-374406dad0)
A game of lonely space adventure
--------------------------------------------------------------------------------
Update Information:
- Release 20210723
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Antonio Trande <sagitter(a)fedoraproject.org> - 20210723-1
- Release 20210723
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
20210203-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
psi-plus-1.5.1550-1.fc34 (FEDORA-2021-5cb2eb4d93)
Jabber client based on Qt
--------------------------------------------------------------------------------
Update Information:
Updated to version 1.5.1550.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1:1.5.1550-1
- Updated to version 1.5.1550.
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:1.5.1548-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jul 15 2021 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1:1.5.1548-2
- Rebuilt due to libtidy soversion bump.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1983339 - psi-plus-1.5.1550 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1983339
--------------------------------------------------------------------------------
================================================================================
pyproject-rpm-macros-0-46.fc34 (FEDORA-2021-fcf5e2adc6)
RPM macros for PEP 517 Python packages
--------------------------------------------------------------------------------
Update Information:
``` * Fri Jul 23 2021 Miro Hron��ok <miro(a)hroncok.cz> - 0-46 -
%pyproject_buildrequires now fails when it encounters an invalid requirement -
Fixes: rhbz#1983053 - Rename %_pyproject_ghost_distinfo and %_pyproject_record
to indicate they are private - Automatically detect LICENSE files and mark them
with %license macro ``` ---- ##### **Changelog** ``` * Fri Jul 9 2021 Python
Maint <python-maint(a)redhat.com> - 0-44 - Escape weird paths generated by
%pyproject_save_files - Fixes rhbz#1976363 - Support x.* versions in
%pyproject_buildrequires - Fixes rhbz#1981558 - %pyproject_buildrequires
fallbacks to setuptools only if setup.py exists - Fixes: rhbz#1976459 -
Explicitly require the "basic" Python RPM macros ```
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Miro Hron��ok <miro(a)hroncok.cz> - 0-46
- %pyproject_buildrequires now fails when it encounters an invalid requirement
- Fixes: rhbz#1983053
- Rename %_pyproject_ghost_distinfo and %_pyproject_record to indicate they are private
- Automatically detect LICENSE files and mark them with %license macro
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0-45
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jul 9 2021 Python Maint <python-maint(a)redhat.com> - 0-44
- Escape weird paths generated by %pyproject_save_files
- Fixes rhbz#1976363
- Support x.* versions in %pyproject_buildrequires
- Fixes rhbz#1981558
- %pyproject_buildrequires fallbacks to setuptools only if setup.py exists
- Fixes: rhbz#1976459
- Explicitly require the "basic" Python RPM macros
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1976363 - %pyproject_save_files does not put paths with spaces to quotes and
that fails the build
https://bugzilla.redhat.com/show_bug.cgi?id=1976363
[ 2 ] Bug #1976459 - %pyproject_buildrequires should only fallback to
setuptools.build_meta:__legacy__ if setup.py exists
https://bugzilla.redhat.com/show_bug.cgi?id=1976459
[ 3 ] Bug #1981558 - ValueError: Unknown character in version: 1.0.6.*
https://bugzilla.redhat.com/show_bug.cgi?id=1981558
[ 4 ] Bug #1983053 - %pyproject_buildrequires warns about invalid requirements, but does
not fail
https://bugzilla.redhat.com/show_bug.cgi?id=1983053
--------------------------------------------------------------------------------
================================================================================
python-aexpect-1.6.2-1.fc34 (FEDORA-2021-c5b99ebda9)
A python library to control interactive applications
--------------------------------------------------------------------------------
Update Information:
Sync `python-aexpect` with upstream release 1.6.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 30 2021 Cleber Rosa <cleber(a)redhat.com> - 1.6.2-1
- Sync with upstream release 1.6.2.
- Removed patch to fix rpmlint error, now included upstream.
--------------------------------------------------------------------------------
================================================================================
python-dictdiffer-0.9.0-1.fc34 (FEDORA-2021-3154aa705b)
Dictdiffer is a module that helps you to diff and patch dictionaries
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Jaosn Montleon <jmontleo(a)redhat.com> 0.9.0-1
- Update to 0.9.0
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 0.8.1-7
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1985043 - python-dictdiffer-0.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1985043
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.8.1-1.fc34 (FEDORA-2021-6a0249cb06)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.53.8.1 Includes fixes for mailnews archiving, as well as account
creation after news subscribing. Show just an icon (instead of a big image
etc.) when moving in drag-and-drop operations to make sure the target is
visible. (You can change it back by toggling boolean preference
"nglayout.enable_drag_images" in about:config).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.8.1-1
- update to 2.53.8.1
- no more set nglayout.enable_drag_images by default
- fix mailnews account creation after subscribing by a news URL (mozbz#521861)
- avoid staring drag-and-drop in full mailnews's Wide View (mozbz#1720968)
- fix clearing in download manager (mozbz#1501277)
--------------------------------------------------------------------------------
================================================================================
systemd-248.6-1.fc34 (FEDORA-2021-3141f0eff1)
System and Service Manager
--------------------------------------------------------------------------------
Update Information:
- Create 'sgx' group (and also use soft-static uids for input and render, see
https://pagure.io/setup/c/df3194a7295c2ca3cfa923981b046f4bd2754825 and
https://pagure.io/packaging-committee/issue/1078 (#1965815) - Various bugfixes
(#1963428, #1975564) - Fix for a regression introduced in the previous release
with sd-event abort (#1984651) No need to log out or reboot.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 248.6-1
- Create 'sgx' group (and also use soft-static uids for input and render,
see
https://pagure.io/setup/c/df3194a7295c2ca3cfa923981b046f4bd2754825
and
https://pagure.io/packaging-committee/issue/1078 (#1965815)
- Various bugfixes (#1963428, #1975564)
- Fix for a regression introduced in the previous release with
sd-event abort (#1984651)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1963428 - if keyfile >= 1024*4096-1 service
"systemd-cryptsetup@<partition name>" can't start
https://bugzilla.redhat.com/show_bug.cgi?id=1963428
[ 2 ] Bug #1965815 - 50-udev-default.rules references group "sgx" which does
not exist
https://bugzilla.redhat.com/show_bug.cgi?id=1965815
[ 3 ] Bug #1975564 - systemd-cryptenroll SIGABRT when adding recovery key - buffer
overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1975564
[ 4 ] Bug #1984651 - systemd[1]: Assertion 'a <= b' failed at
src/libsystemd/sd-event/sd-event.c:2903, function sleep_between(). Aborting.
https://bugzilla.redhat.com/show_bug.cgi?id=1984651
--------------------------------------------------------------------------------
================================================================================
webkit2gtk3-2.32.3-1.fc34 (FEDORA-2021-cf7d8c7b1a)
GTK Web content engine library
--------------------------------------------------------------------------------
Update Information:
* Properly set the cookies settings after a network process crash. * Fix
accessibility tree after a cross site navigation with PSON enabled. * Ensure
WebKitScriptWorld::window-object-cleared signal is always emitted. * Fix
several crashes and rendering issues. * Security fixes: CVE-2021-21775,
CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720,
CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30758, CVE-2021-30795,
CVE-2021-30797, CVE-2021-30799
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 23 2021 Michael Catanzaro <mcatanzaro(a)redhat.com> - 2.32.3-1
- Update to 2.32.3
--------------------------------------------------------------------------------