The following Fedora 32 Security updates need testing:
Age URL
102
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4c8458e373
containernetworking-plugins-0.9.1-1.fc32
98
https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d1596c42
buildah-1.19.4-1.fc32
14
https://bodhi.fedoraproject.org/updates/FEDORA-2021-158a237d4a bind-9.11.31-1.fc32
bind-dyndb-ldap-11.3-6.fc32 dnsperf-2.3.4-6.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-179f2fbb88
mariadb-10.4.19-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f06d202d4
firefox-88.0.1-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb
kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-498be8f560
prosody-0.11.9-1.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6e540b85b9
ceph-14.2.21-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8832eab899
kernel-5.11.21-100.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7aa58932f5
composer-1.10.22-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5b1dd085c7
wordpress-5.7.2-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3c013b5555
php-symfony3-3.4.48-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
14
https://bodhi.fedoraproject.org/updates/FEDORA-2021-19cdc5683f
libmodulemd-2.12.1-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7fd2a21f94
python3-3.8.10-1.fc32 python3-docs-3.8.10-1.fc32
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-276b0013e8
gnome-terminal-3.36.3-1.fc32
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-151dc7fd1b
vte291-0.60.4-1.fc32
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a2ee549bcb
xorg-x11-drv-nouveau-1.0.17-1.fc32
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f438908573
btrfs-progs-5.11.1-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-14d0195ff8
linux-firmware-20210511-120.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb
kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4f06d202d4
firefox-88.0.1-1.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d58314a3e
libidn2-2.3.1-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-816eecc358 zstd-1.5.0-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8832eab899
kernel-5.11.21-100.fc32
The following builds have been pushed to Fedora 32 updates-testing
libtirpc-1.2.6-4.rc4.fc32
lmms-1.1.3-17.fc32
ne-3.3.1-1.fc32
retroarch-1.9.3-1.fc32
rpcbind-1.2.6-0.fc32
rpki-client-7.1-1.fc32
slapi-nis-0.56.7-1.fc32
upx-3.96-9.fc32
Details about builds:
================================================================================
libtirpc-1.2.6-4.rc4.fc32 (FEDORA-2021-53ea50793d)
Transport Independent RPC Library
--------------------------------------------------------------------------------
Update Information:
Updated non-free licenses
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-4.rc4
- Updated non-free licenses (bz 1955239)
* Wed Apr 7 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-3.rc4
- libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSS (bz 1947058)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1955239 - non-free licensed files in libtirpc
https://bugzilla.redhat.com/show_bug.cgi?id=1955239
--------------------------------------------------------------------------------
================================================================================
lmms-1.1.3-17.fc32 (FEDORA-2021-b07c44d2b2)
Linux MultiMedia Studio
--------------------------------------------------------------------------------
Update Information:
Rebuild due to an unannounced soname bump in fluidsynth.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.1.3-17
- Add patches to fix building on F32.
* Fri May 7 2021 Carl George <carl(a)george.computer> - 1.1.3-16
- Rebuilt for fluidsynth soname bump rhbz#1953438
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1953438 - fluidsynth-libs: incompatible upgrade from libfluidsynth.so.1 to
libfluidsynth.so.2 (F32)
https://bugzilla.redhat.com/show_bug.cgi?id=1953438
--------------------------------------------------------------------------------
================================================================================
ne-3.3.1-1.fc32 (FEDORA-2021-d5a0ecfed9)
ne, the nice editor
--------------------------------------------------------------------------------
Update Information:
First release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1952927 - Review Request: ne - ne, the nice editor
https://bugzilla.redhat.com/show_bug.cgi?id=1952927
--------------------------------------------------------------------------------
================================================================================
retroarch-1.9.3-1.fc32 (FEDORA-2021-1acc306095)
Cross-platform, sophisticated frontend for the libretro API.
--------------------------------------------------------------------------------
Update Information:
Update to 1.9.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 15 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.9.3-1
- build(update): 1.9.3
--------------------------------------------------------------------------------
================================================================================
rpcbind-1.2.6-0.fc32 (FEDORA-2021-4fa5160678)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream release: rpcbind-1_2_6
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 17 2021 Steve Dickson <steved(a)redhat.com> 1.2.6-0
- Updated to latest upstream release: rpcbind-1_2_6 (bz 1959127)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1959127 - rpcbind-1.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1959127
--------------------------------------------------------------------------------
================================================================================
rpki-client-7.1-1.fc32 (FEDORA-2021-0965639ccd)
RPKI validator to support BGP Origin Validation
--------------------------------------------------------------------------------
Update Information:
rpki-client 7.1 =============== * Add keep-alive support to the HTTP client
code for RRDP * Reference-count and delete unused files synced via RRDP, as far
as possible * In the JSON output, change the AS Number from a string ("AS123")
to an integer ("123") to make processing of the output easier * Add an
`expires` column to CSV & JSON output, based on certificate and CRL validity
times. The `expires` value can be used to avoid route selection based on stale
data when generating VRP sets, when faced with loss of communication between
consumer and valdiator, or validator and CA repository * Make the runtime
timeout (`-s` option) also triggers in child processes * Improved RRDP support,
upstream encourages testing of RRDP with the `-r` option so that RRDP can be
enabled by default in a future release; please report any RRDP issues found, if
possible, directly to upstream In the portable version, * Improve support for
older libressl versions (although the latest stable release is recommended) *
Add missing compat headers in release packages so they build on Alpine Linux and
macOS
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Robert Scheck <robert(a)fedoraproject.org> 7.1-1
- Upgrade to 7.1 (#1961870)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961870 - rpki-client-7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1961870
--------------------------------------------------------------------------------
================================================================================
slapi-nis-0.56.7-1.fc32 (FEDORA-2021-f6cbdada86)
NIS Server and Schema Compatibility plugins for Directory Server
--------------------------------------------------------------------------------
Update Information:
CVE-2021-3480: invalid BIND DN crash
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Alexander Bokovoy <abokovoy(a)redhat.com> - 0.56.7-1
- CVE-2021-3480: invalid bind DN crash
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961157 - CVE-2021-3480 slapi-nis: NULL dereference (DoS) with specially
crafted Binding DN [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961157
--------------------------------------------------------------------------------
================================================================================
upx-3.96-9.fc32 (FEDORA-2021-09b10922eb)
Ultimate Packer for eXecutables
--------------------------------------------------------------------------------
Update Information:
Patch for CVE-2020-24119.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 18 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 3.96-9
- Patch for CVE-2020-24119
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961592 - CVE-2020-24119 upx: heap buffer overflow in p_lx_elf.cpp
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1961592
--------------------------------------------------------------------------------