The following Fedora 33 Security updates need testing: Age URL 80 https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-71de23bedd libslirp-4.3.1-5.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f29b4643c7 glibc-2.32-8.fc33 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ad7c70d71 ansible-2.9.23-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-a856024cca nginx-1.20.1-3.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-57e3c4261a libtpms-0.8.4-1.20210624gita594c4692a.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-717516a2e9 php-league-flysystem-1.1.4-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-891c1ab1ac dovecot-2.3.15-1.fc33 2 https://bodhi.fedoraproject.org/updates/FEDORA-2021-58ea3e138d rabbitmq-server-3.8.18-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved: Age URL 99 https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb PackageKit-1.2.3-1.fc33 34 https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33 libreport-2.15.1-1.fc33 satyr-0.37-2.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-335b80f6d0 ca-certificates-2021.2.50-1.0.fc33 13 https://bodhi.fedoraproject.org/updates/FEDORA-2021-443a2c1229 libpcap-1.10.1-1.fc33 tcpdump-4.99.1-1.fc33 12 https://bodhi.fedoraproject.org/updates/FEDORA-2021-8a4490b862 satyr-0.38-1.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d7402c3ff nspr-4.31.0-1.fc33 nss-3.67.0-1.fc33 11 https://bodhi.fedoraproject.org/updates/FEDORA-2021-71de23bedd libslirp-4.3.1-5.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-e599e61c55 osinfo-db-20210621-1.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-ad3e5e224a nfs-utils-2.5.4-0.fc33 8 https://bodhi.fedoraproject.org/updates/FEDORA-2021-f29b4643c7 glibc-2.32-8.fc33 5 https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d24ae1c1 gdb-10.2-1.fc33 4 https://bodhi.fedoraproject.org/updates/FEDORA-2021-71a6c4fbe4 libxcrypt-4.4.23-1.fc33 3 https://bodhi.fedoraproject.org/updates/FEDORA-2021-6875ea999b gdisk-1.0.8-1.fc33 1 https://bodhi.fedoraproject.org/updates/FEDORA-2021-31b3bb27dc mtools-4.0.31-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
drawing-0.8.2-1.fc33 emacspeak-54.0-2.fc33 ghc-GLURaw-2.0.0.4-1.fc33 kitty-0.21.2-1.fc33 perl-Tk-804.036-3.fc33 php-7.4.21-1.fc33 php-laminas-hydrator3-3.2.1-1.fc33 php-myclabs-php-enum-1.8.1-1.fc33 pyproject-rpm-macros-0-42.fc33 python-etcd3-0.12.0-2.fc33 python-rpm-macros-3.9-16.fc33 python-urllib3-1.25.8-5.fc33 python3-docs-3.9.6-1.fc33 python3.8-3.8.11-1.fc33 python3.9-3.9.6-1.fc33 rust-glam-0.17.1-1.fc33 seamonkey-2.53.8-1.fc33
Details about builds:
================================================================================ drawing-0.8.2-1.fc33 (FEDORA-2021-f72a5a6cd7) Drawing application for the GNOME desktop -------------------------------------------------------------------------------- Update Information:
Update to 0.8.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Artem Polishchuk ego.cordatus@gmail.com - 0.8.2-1 - build(update): 0.8.2 --------------------------------------------------------------------------------
================================================================================ emacspeak-54.0-2.fc33 (FEDORA-2021-4c2713e53a) Emacs Speech interface -------------------------------------------------------------------------------- Update Information:
- update to 54.0 and fix startup - https://github.com/tvraman/emacspeak/blob/54.0/etc/NEWS-54.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Jens Petersen petersen@redhat.com - 54.0-2 - drop the dependency on espeak * Tue Jun 29 2021 Jens Petersen petersen@redhat.com - 54.0-1 - update to 54 - https://github.com/tvraman/emacspeak/blob/54.0/etc/NEWS-54.0 - build with the espeak-ng library * Sun May 23 2021 Jitka Plesnikova jplesnik@redhat.com - 45.0-11 - Perl 5.34 rebuild * Tue Jan 26 2021 Fedora Release Engineering releng@fedoraproject.org - 45.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1551686 - emacspeak does not speak https://bugzilla.redhat.com/show_bug.cgi?id=1551686 [ 2 ] Bug #1642051 - emacspeak-54.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1642051 --------------------------------------------------------------------------------
================================================================================ ghc-GLURaw-2.0.0.4-1.fc33 (FEDORA-2021-7d43905ffb) A raw binding for the OpenGL graphics system -------------------------------------------------------------------------------- Update Information:
A raw binding for the OpenGL graphics system - https://hackage.haskell.org/package/GLURaw -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1973950 - Review Request: ghc-GLURaw - A raw binding for the OpenGL graphics system https://bugzilla.redhat.com/show_bug.cgi?id=1973950 --------------------------------------------------------------------------------
================================================================================ kitty-0.21.2-1.fc33 (FEDORA-2021-412b81f6bd) Cross-platform, fast, feature full, GPU based terminal emulator -------------------------------------------------------------------------------- Update Information:
Update to 0.21.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Artem Polishchuk ego.cordatus@gmail.com - 0.21.2-1 - build(update): 0.21.2 --------------------------------------------------------------------------------
================================================================================ perl-Tk-804.036-3.fc33 (FEDORA-2021-49127bd223) Perl Graphical User Interface ToolKit -------------------------------------------------------------------------------- Update Information:
Re-enable FreeType support. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 28 2021 Xavier Bachelot xavier@bachelot.org - 804.036-3 - Add specfile patch from Mauro Carvalho Chehab to fix building with FreeType support (RHBZ#1803711, RHBZ#1853802) * Fri May 21 2021 Jitka Plesnikova jplesnik@redhat.com - 804.036-2 - Perl 5.34 rebuild * Wed Feb 17 2021 Xavier Bachelot xavier@bachelot.org - 804.036-1 - Update to 0.36 (RHBZ#1928507) * Wed Jan 27 2021 Fedora Release Engineering releng@fedoraproject.org - 804.035-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1803711 - perl-Tk-804.034-9.fc33 FTBFS: t/entry.t test fails https://bugzilla.redhat.com/show_bug.cgi?id=1803711 [ 2 ] Bug #1853802 - font selection is broken on perl-Tk-804.035-1.fc32.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1853802 --------------------------------------------------------------------------------
================================================================================ php-7.4.21-1.fc33 (FEDORA-2021-172c8bd11d) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 7.4.21** (01 Jul 2021) **Core:** * Fixed bug php#81068 (Double free in realpath_cache_clean()). (Dimitry Andric) * Fixed bug php#76359 (open_basedir bypass through adding ".."). (cmb) * Fixed bug php#81090 (Typed property performance degradation with .= operator). (Nikita) * Fixed bug php#81070 (Integer underflow in memory limit comparison). (Peter van Dommelen) * Fixed bug php#81122 (SSRF bypass in FILTER_VALIDATE_URL). (**CVE-2021-21705**) (cmb) **Bzip2:** * Fixed bug php#81092 (fflush before stream_filter_remove corrupts stream). (cmb) **OpenSSL:** * Fixed bug php#76694 (native Windows cert verification uses CN as sever name). (cmb) **PDO_Firebird:** * Fixed bug php#76448 (Stack buffer overflow in firebird_info_cb). (**CVE-2021-21704**) (cmb) * Fixed bug php#76449 (SIGSEGV in firebird_handle_doer). (**CVE-2021-21704**) (cmb) * Fixed bug php#76450 (SIGSEGV in firebird_stmt_execute). (**CVE-2021-21704**) (cmb) * Fixed bug php#76452 (Crash while parsing blob data in firebird_fetch_blob). (**CVE-2021-21704**) (cmb) **Standard:** * Fixed bug php#81048 (phpinfo(INFO_VARIABLES) "Array to string conversion"). (cmb) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Remi Collet remi@remirepo.net - 7.4.21-1 - Update to 7.4.21 - http://www.php.net/releases/7_4_21.php --------------------------------------------------------------------------------
================================================================================ php-laminas-hydrator3-3.2.1-1.fc33 (FEDORA-2021-5a46f4c9a9) Laminas Framework Hydrator component v3 -------------------------------------------------------------------------------- Update Information:
**Version 3.2.1** Fixed * The ClassMethodsHydrator would occasionally have a scenario whereby no methods were cached, but a conditional would miss this fact, which would lead to a logic error later. The conditional has been updated. Bug * 53: 3.2.x - remove class-methods-hydrator redundant filter thanks to @pine3ree * 48: fix never met condition thanks to @pine3ree -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Remi Collet remi@remirepo.net - 3.2.1-1 - update to 3.2.1 --------------------------------------------------------------------------------
================================================================================ php-myclabs-php-enum-1.8.1-1.fc33 (FEDORA-2021-bddd564f8a) PHP Enum implementation -------------------------------------------------------------------------------- Update Information:
**Version 1.8.1** * Resolve deprecation on PHP 8.1 #145 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Remi Collet remi@remirepo.net - 1.8.1-1 - update to 1.8.1 --------------------------------------------------------------------------------
================================================================================ pyproject-rpm-macros-0-42.fc33 (FEDORA-2021-f5e7993ed1) RPM macros for PEP 517 Python packages -------------------------------------------------------------------------------- Update Information:
Avoid leaking `%_pyproject_builddir` to pytest collection. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Miro Hron��ok mhroncok@redhat.com - 0-42 - Don't accidentally treat "~= X.0" requirement as "~= X" - Fixes rhzb#1977060 * Mon Jun 28 2021 Miro Hron��ok mhroncok@redhat.com - 0-41 - Don't leak %{_pyproject_builddir} to pytest collection - Fixes rhzb#1935212 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1935212 - %_pyproject_builddir sometimes leaks to pytest collection https://bugzilla.redhat.com/show_bug.cgi?id=1935212 --------------------------------------------------------------------------------
================================================================================ python-etcd3-0.12.0-2.fc33 (FEDORA-2021-63e8565574) Python client for the etcd API v3 -------------------------------------------------------------------------------- Update Information:
First release for fedora. -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ python-rpm-macros-3.9-16.fc33 (FEDORA-2021-f5e7993ed1) The common Python RPM macros -------------------------------------------------------------------------------- Update Information:
Avoid leaking `%_pyproject_builddir` to pytest collection. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 28 2021 Miro Hron��ok mhroncok@redhat.com - 3.9-16 - %pytest: Set $PYTEST_ADDOPTS when %{__pytest_addopts} is defined - Related: rhzb#1935212 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1935212 - %_pyproject_builddir sometimes leaks to pytest collection https://bugzilla.redhat.com/show_bug.cgi?id=1935212 --------------------------------------------------------------------------------
================================================================================ python-urllib3-1.25.8-5.fc33 (FEDORA-2021-9c5f3b8aae) Python HTTP library with thread-safe connection pooling and file post -------------------------------------------------------------------------------- Update Information:
Fix for CVE-2021-33503 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Lum��r Balhar lbalhar@redhat.com - 1.25.8-5 - Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser Resolves: rhbz#1968076 - Update RECENT_DATE dynamically -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1968076 - CVE-2021-33503 python-urllib3: Catastrophic backtracking in URL authority parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1968076 --------------------------------------------------------------------------------
================================================================================ python3-docs-3.9.6-1.fc33 (FEDORA-2021-52bc2cdad9) Documentation for the Python 3 programming language -------------------------------------------------------------------------------- Update Information:
Update of Python 3.9 and python3-docs to latest release 3.9.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Tomas Hrnciar thrnciar@redhat.com - 3.9.6-1 - Update to 3.9.6 --------------------------------------------------------------------------------
================================================================================ python3.8-3.8.11-1.fc33 (FEDORA-2021-1539c407c2) Version 3.8 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
Update to 3.8.11 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Tomas Hrnciar thrnciar@redhat.com - 3.8.11-1 - Update to 3.8.11 * Fri May 14 2021 Charalampos Stratakis cstratak@redhat.com - 3.8.10-2 - Add virtual provides for the bundled libmpdec (rhbz#1943359) --------------------------------------------------------------------------------
================================================================================ python3.9-3.9.6-1.fc33 (FEDORA-2021-52bc2cdad9) Version 3.9 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
Update of Python 3.9 and python3-docs to latest release 3.9.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 29 2021 Tomas Hrnciar thrnciar@redhat.com - 3.9.6-1 - Update to 3.9.6 * Tue Jun 1 2021 Python Maint python-maint@redhat.com - 3.9.5-3 - Rebuilt for Python 3.10 --------------------------------------------------------------------------------
================================================================================ rust-glam-0.17.1-1.fc33 (FEDORA-2021-b418cc3d28) Simple and fast 3D math library for games and graphics -------------------------------------------------------------------------------- Update Information:
Update to 0.17.1. ---- Update to 0.17.0 ---- Initial package -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1971817 - Review Request: rust-glam - A 3D math library for games and graphics https://bugzilla.redhat.com/show_bug.cgi?id=1971817 [ 2 ] Bug #1976423 - rust-glam-0.17.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1976423 [ 3 ] Bug #1977252 - rust-glam-0.17.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1977252 --------------------------------------------------------------------------------
================================================================================ seamonkey-2.53.8-1.fc33 (FEDORA-2021-01f851ab8d) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information:
Update to 2.53.8 Some improvements for performance and stability. Following the upstream and Firefox behaviour, no more use system colors (some backgrounds etc.) by default. You can change it in Appearance-->Colors as usual. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 28 2021 Dmitry Butskoy Dmitry@Butskoy.name 2.53.8-1 - update to 2.53.8 - fix irc link behaviour and websearch (mozbz#1712498, mozbz#1713458, mozbz#1713467) - fix handling of mail attachments (mozbz#1661070) - no more set browser.display.use_system_colors by default * Sun Jun 13 2021 Robert-Andre Mauchin zebob.m@gmail.com - 2.53.7-5 - Rebuilt for aom v3.1.1 - Add patch to build against nss 3.66 --------------------------------------------------------------------------------