The following Fedora 33 Security updates need testing:
Age URL
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e435a8bb88
golang-1.15.7-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5f7da70bfe
monitorix-3.13.1-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9d65b22041
mingw-SDL2-2.0.12-3.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-354441fcdd
mingw-binutils-2.34-7.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8ecb3686ca
mingw-jasper-2.0.24-2.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f3011da665
wireshark-3.4.2-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-175e686ca6
python-pygments-2.6.1-5.fc33
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8b3202b783
zeromq-4.3.4-1.fc33
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-674d704f6c
pngcheck-2.4.0-7.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6fe9346693
privoxy-3.0.31-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a4f016c6c8 mutt-2.0.5-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-879c756377
kernel-5.10.12-200.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-db2b870848
cups-2.3.3op1-4.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c756747fd0 czmq-4.2.1-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
27
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d1074696ac
libguestfs-1.44.0-1.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0ecd4abda7 pungi-4.2.7-2.fc33
8
https://bodhi.fedoraproject.org/updates/FEDORA-2021-8656548c9b
vte291-0.62.2-1.fc33
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-039b93d5e4
dnsmasq-2.84-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-879c756377
kernel-5.10.12-200.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-577dd8fbdb
libwebp-1.2.0-1.fc33 mingw-libwebp-1.2.0-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b302f21c3e
libsndfile-1.0.31-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5ed9f71f50
supermin-5.2.1-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-136fec7edc
libsolv-0.7.17-1.fc33
1
https://bodhi.fedoraproject.org/updates/FEDORA-2021-437a1d7ab2
libevdev-1.11.0-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
389-ds-base-1.4.4.12-1.fc33
avr-binutils-2.35-3.fc33
ceph-15.2.8-2.fc33
coreutils-8.32-17.fc33
cups-2.3.3op2-1.fc33
doctest-2.4.5-1.fc33
fedora-coreos-config-transpiler-0.10.0-1.fc33
flatpak-xdg-utils-1.0.4-1.fc33
ghc-HsOpenSSL-x509-system-0.1.0.4-2.fc33
gnome-builder-3.38.2-1.fc33
ibus-typing-booster-2.10.4-1.fc33
inkscape-1.0.2-1.fc33
java-1.8.0-openjdk-1.8.0.282.b08-0.fc33
java-11-openjdk-11.0.10.0.9-0.fc33
kdevelop-5.6.2-1.fc33
kdevelop-php-5.6.2-1.fc33
kdevelop-python-5.6.2-1.fc33
knot-3.0.4-1.fc33
ledmon-0.95-1.fc33
libdatovka-0.1.0-2.fc33
mock-core-configs-33.6-1.fc33
mozilla-ublock-origin-1.33.2-1.fc33
nghttp2-1.43.0-1.fc33
oggvideotools-0.9.1-4.fc33
osinfo-db-20210202-1.fc33
pcre2-10.36-3.fc33
perl-Attean-0.029-1.fc33
perl-Tree-1.15-1.fc33
perl-Tree-Simple-VisitorFactory-0.16-1.fc33
python-defusedxml-0.7.0~rc2-1.fc33
python-eccodes-1.1.0-1.fc33
python2.7-2.7.18-8.fc33
qtractor-0.9.19-1.fc33
rubygem-mechanize-2.7.7-1.fc33
systemd-246.10-1.fc33
texlive-base-20200327-21.fc33
thermald-2.4.1-2.fc33
vdr-extrecmenung-2.0.11-1.fc33
vdr-osdteletext-0.9.8-1.fc33
vim-8.2.2451-1.fc33
wine-6.1-1.fc33
xpdf-4.03-1.fc33
Details about builds:
================================================================================
389-ds-base-1.4.4.12-1.fc33 (FEDORA-2021-8e3d89c9dc)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Bump version to 1.4.4.12
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Mark Reynolds <mreynolds(a)redhat.com> - 1.4.4.12-1
- Bump version to 1.4.4.12
- Issue 4579 - libasan detects heap-use-after-free in URP test (#4584)
- Issue 4563 - Failure on s390x: 'Fails to split RDN "o=pki-tomcat-CA" into
components' (#4573)
- Issue 4526 - sync_repl: when completing an operation in the pending list, it can select
the wrong operation (#4553)
- Issue 4396 - Minor memory leak in backend (#4558) (#4572)
- Issue 4324 - Performance search rate: change entry cache monitor to recursive pthread
mutex (#4569)
- Issue 5442 - Search results are different between RHDS10 and RHDS11
--------------------------------------------------------------------------------
================================================================================
avr-binutils-2.35-3.fc33 (FEDORA-2021-6ab5d52c9e)
Cross Compiling GNU binutils targeted at avr
--------------------------------------------------------------------------------
Update Information:
bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Michal Hlavinka <mhlavink(a)redhat.com> - 1:2.35-3
- fix --format=avr option (#1907907)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:2.35-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1907907 - avr-size --format=avr throws error
https://bugzilla.redhat.com/show_bug.cgi?id=1907907
--------------------------------------------------------------------------------
================================================================================
ceph-15.2.8-2.fc33 (FEDORA-2021-2ab5382088)
User space components of the Ceph file system
--------------------------------------------------------------------------------
Update Information:
ceph 15.2.8, w/ system rocksdb, w/ system npm
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 2:15.2.8-2
- ceph 15.2.8, w/ system rocksdb, w/ system npm
--------------------------------------------------------------------------------
================================================================================
coreutils-8.32-17.fc33 (FEDORA-2021-74e0c6f8bd)
A set of basic GNU tools commonly used in shell scripts
--------------------------------------------------------------------------------
Update Information:
- ls: fix crash printing SELinux context for unstatable files (#1921249) -
split: fix --number=K/N to output correct part of file (#1921246) - expr: fix
invalid read with unmatched \(...\) (#1919775)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Kamil Dudka <kdudka(a)redhat.com> - 8.32-17
- ls: fix crash printing SELinux context for unstatable files (#1921249)
- split: fix --number=K/N to output correct part of file (#1921246)
- expr: fix invalid read with unmatched \(...\) (#1919775)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org>
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1921246 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1921246
[ 2 ] Bug #1921249 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1921249
--------------------------------------------------------------------------------
================================================================================
cups-2.3.3op2-1.fc33 (FEDORA-2021-ef84cd3f69)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
1923828 - cups-2.3.3op2 is available
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.3.3op2-1
- 1923828 - cups-2.3.3op2 is available
* Mon Feb 1 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.3.3op1-4
- fix for CVE-2020-10001
- recommend nss-mdns for Fedora to have a working default for now
- 1921881 - [abrt] cups: __strcmp_avx2(): help.cgi killed by SIGSEGV
- 1909980 - cupsd crashes on parsing malformed Brother PPD
* Thu Jan 28 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 1:2.3.3op1-3
- remove nss-mdns dependency - let the user decide whether use resolved or nss-mdns
- remove cups dependency on cups-ipptool - actually not needed
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:2.3.3op1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1909980 - cupsd crashes on parsing malformed Brother PPD
https://bugzilla.redhat.com/show_bug.cgi?id=1909980
[ 2 ] Bug #1921881 - [abrt] cups: __strcmp_avx2(): help.cgi killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1921881
[ 3 ] Bug #1923828 - cups-2.3.3op2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1923828
--------------------------------------------------------------------------------
================================================================================
doctest-2.4.5-1.fc33 (FEDORA-2021-53118d32e1)
Feature-rich header-only C++ testing framework
--------------------------------------------------------------------------------
Update Information:
Upgrade to 2.4.5 from 2.4.4.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Nick Black <dankamongmen(a)gmail.com> - 2.4.5-1
- New upstream release
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fedora-coreos-config-transpiler-0.10.0-1.fc33 (FEDORA-2021-b53b1e717b)
Fedora CoreOS Config Transpiler (FCCT)
--------------------------------------------------------------------------------
Update Information:
New upstream release; see [release
notes](https://github.com/coreos/fcct/blob/v0.10.0/NEWS).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Benjamin Gilbert <bgilbert(a)redhat.com> - 0.10.0-1
- New release
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
flatpak-xdg-utils-1.0.4-1.fc33 (FEDORA-2021-d8f85fced4)
Command-line tools for use inside Flatpak sandboxes
--------------------------------------------------------------------------------
Update Information:
flatpak-xdg-utils 1.0.4 release, fixing compatibility with xdg-desktop-portals
1.8.0. For details what's changed between the previous version in Fedora (1.0.1)
and 1.0.4, see: *
https://github.com/flatpak/flatpak-xdg-
utils/releases/tag/1.0.2 *
https://github.com/flatpak/flatpak-xdg-
utils/releases/tag/1.0.3 *
https://github.com/flatpak/flatpak-xdg-
utils/releases/tag/1.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Kalev Lember <klember(a)redhat.com> - 1.0.4-1
- Update to 1.0.4
--------------------------------------------------------------------------------
================================================================================
ghc-HsOpenSSL-x509-system-0.1.0.4-2.fc33 (FEDORA-2021-4a03d26f9a)
Use the system's native CA certificate store with HsOpenSSL
--------------------------------------------------------------------------------
Update Information:
Use the system's native CA certificate store with HsOpenSSL -
https://hackage.haskell.org/package/HsOpenSSL-x509-system
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1897436 - Review Request: ghc-HsOpenSSL-x509-system - Use the system's
native CA certificate store with HsOpenSSL
https://bugzilla.redhat.com/show_bug.cgi?id=1897436
--------------------------------------------------------------------------------
================================================================================
gnome-builder-3.38.2-1.fc33 (FEDORA-2021-30852946b5)
IDE for writing GNOME-based software
--------------------------------------------------------------------------------
Update Information:
gnome-builder 3.38.2 release: * Always give access to a11y bus from Flatpak *
Support for Flatpak's --add-policy * Default to cloning remote's HEAD branch *
Stop showing GLib debug messages when running application unless debugging *
Translation updates
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Kalev Lember <klember(a)redhat.com> - 3.38.2-1
- Update to 3.38.2
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-2.10.4-1.fc33 (FEDORA-2021-87fc6ef365)
A completion input method
--------------------------------------------------------------------------------
Update Information:
Update to 2.10.4
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Mike FABIAN <mfabian(a)redhat.com> - 2.10.4-1
- Update to 2.10.4
- Use ���from unittest import mock��� instead of just ���import mock���.
- Update emoji annotations from CLDR
- Translation update from Weblate for zh_CN (still 100% complete)
--------------------------------------------------------------------------------
================================================================================
inkscape-1.0.2-1.fc33 (FEDORA-2021-9422693a6f)
Vector-based drawing program using SVG
--------------------------------------------------------------------------------
Update Information:
1.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 1.0.2-1
- 1.0.2
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jan 12 2021 Gwyn Ciesla <gwync(a)protonmail.com> - 1.0.1-4
- Poppler rebuild.
* Mon Jan 4 2021 Tomas Popela <tpopela(a)redhat.com> - 1.0.1-3
- Don't build with ImageMagick support in ELN/RHEL
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.282.b08-0.fc33 (FEDORA-2021-09272cf059)
OpenJDK 8 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
# New in release OpenJDK 8u282 (2021-01-19) Live versions of these release
notes can be found at: *
https://bitly.com/openjdk8u282 *
https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u282.txt ##
Security fixes * JDK-8247619: Improve Direct Buffering of Characters ## Other
changes * [
JDK-8230839](https://bugs.openjdk.java.net/browse/JDK-8230839):
Updated XML Signature Implementation to Apache Santuario 2.1.3, adding support
for embedding elliptic curve public keys in the KeyValue element * Default to
RSA when using keytool, as DSA is only supported by the LEGACY crypto policy.
* Make java-1.8.0-openjdk-demo own its directories as well as its files
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 30 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.282.b08-0
- Update to aarch64-shenandoah-jdk8u282-b08 (GA)
- Update release notes for 8u282.
- Remove PR3601, covered upstream by JDK-8062808.
- Remove upstreamed JDK-8197981/PR3548, JDK-8062808/PR3548 & JDK-8254177.
- Extend RH1750419 alt-java fix to include external debuginfo, following JDK-8252395
- Adapt JDK-8143245 patch, following JDK-8254166
- Remove upstreamed patch PR3519
- Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY
- Add directories to files directive for demo package.
- Include a test in the RPM to check the build has the correct vendor information.
- Use 'oj_' prefix on new vendor globals to avoid a conflict with RPM's vendor
value.
- Cleanup package descriptions and version number placement.
--------------------------------------------------------------------------------
================================================================================
java-11-openjdk-11.0.10.0.9-0.fc33 (FEDORA-2021-5dcdf8b2b1)
OpenJDK 11 Runtime Environment
--------------------------------------------------------------------------------
Update Information:
# New in release OpenJDK 11.0.10 (2021-01-19): Live versions of these release
notes can be found at: *
https://bitly.com/openjdk11010 *
https://builds.shipilev.net/backports-monitor/release-notes-11.0.10.txt ##
Security fixes * JDK-8247619: Improve Direct Buffering of Characters ## Other
changes * [
JDK-8213821](https://bugs.openjdk.java.net/browse/JDK-8213821):
-groupname Option Added to keytool Key Pair Generation e.g. `keytool -genkeypair
-keyalg EC -groupname secp384r1` *
[
JDK-8248263](https://bugs.openjdk.java.net/browse/JDK-8248263): jarsigner
Preserves POSIX File Permission and symlink Attributes *
[
JDK-8225764](https://bugs.openjdk.java.net/browse/JDK-8225764): Support for
X25519 and X448 in TLS * OpenJDK now uses the system HarfBuzz installation
instead of a bundled copy * Default to RSA when using keytool, as DSA is only
supported by the LEGACY crypto policy. * SystemTap directories are correctly
named on all supported architectures. * Class data sharing is now supported on
all architectures with a JIT (x86, x86_64, AArch64, ppc64, ppc64le, s390x,
armv7hl)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:11.0.10.0.9-0
- Update to jdk-11.0.10.0+9
- Update release notes to 11.0.10.0+9
- Use JEP-322 Time-Based Versioning so we can handle a future 11.0.9.1-like release
correctly.
- Still use 11.0.x rather than 11.0.x.0 for file naming, as the trailing zero is omitted
from tags.
- Revert configure and built_doc_archive hacks to build 11.0.9.1 from 11.0.9.0 sources,
and synced with RHEL version.
- Drop JDK-8250861, JDK-8222286 & JDK-8254177 as applied upstream
- Use system harfbuzz now this is supported.
- Update tarball generation script to use PR3818 which handles JDK-8171279 changes
- Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY
- Adjust RH1842572 RSA default patch due to context change from JDK-8213400
- Following JDK-8005165, class data sharing can be enabled on all JIT architectures
- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on
aarch64)
- Need to support noarch for creating source RPMs for non-scratch builds.
- Include a test in the RPM to check the build has the correct vendor information.
- Update build documentation to reflect this is java-11-openjdk, not java-1.8.0-openjdk
- Cleanup debug package descriptions and version number placement.
- Remove redundant closure and immediate reopening of include_normal_build block.
- Fix location and comment differences from RHEL.
- Introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java
or java is patched
- Patch600 rh1750419-redhat_alt_java.patch amended to die, if it is used wrongly
- Introduce ssbd_arches with currently only valid arch of x86_64 to separate real alt-java
architectures
--------------------------------------------------------------------------------
================================================================================
kdevelop-5.6.2-1.fc33 (FEDORA-2021-381d2331bd)
Integrated Development Environment for C++/C
--------------------------------------------------------------------------------
Update Information:
KDevelop 5.6.2 bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Jan Grulich <jgrulich(a)redhat.com> - 9:5.6.2-1
- 5.6.2
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 9:5.6.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Tom Stellard <tstellar(a)redhat.com> - 9:5.6.1-2
- Rebuild for clang-11.1.0
--------------------------------------------------------------------------------
================================================================================
kdevelop-php-5.6.2-1.fc33 (FEDORA-2021-381d2331bd)
Php language and documentation plugins for KDevelop
--------------------------------------------------------------------------------
Update Information:
KDevelop 5.6.2 bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Jan Grulich <jgrulich(a)redhat.com> - 5.6.2-1
- 5.6.2
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.6.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kdevelop-python-5.6.2-1.fc33 (FEDORA-2021-381d2331bd)
Python 3 Plugin for KDevelop
--------------------------------------------------------------------------------
Update Information:
KDevelop 5.6.2 bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Jan Grulich <jgrulich(a)redhat.com> - 5.6.2-1
- 5.6.2
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.6.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
knot-3.0.4-1.fc33 (FEDORA-2021-eede124235)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
- Update to 3.0.4 - Move dnstap module to subpackage - Move geoip module to
subpackage - Remove redundant VERSION macro
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Jakub Ru��i��ka <jakub.ruzicka(a)nic.cz> - 3.0.4-1
- Update to 3.0.4
- Move dnstap module to subpackage
- Move geoip module to subpackage
- Remove redundant VERSION macro
--------------------------------------------------------------------------------
================================================================================
ledmon-0.95-1.fc33 (FEDORA-2021-1f20a87d25)
Enclosure LED Utilities
--------------------------------------------------------------------------------
Update Information:
ledmon rebase
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Jan Macku <jamacku(a)redhat.com> - 0.95-1
- clean up spec based on RHEL 8.4.0 spec
- remove -Werror=format-truncation=1 from configure
- update to 0.95 (#1880599)
--------------------------------------------------------------------------------
================================================================================
libdatovka-0.1.0-2.fc33 (FEDORA-2021-176ac75330)
Client library for accessing SOAP services of ISDS (Czech Data Boxes)
--------------------------------------------------------------------------------
Update Information:
This is new package libdatovka.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1922147 - Review Request: libdatovka - Client library for accessing SOAP
services of ISDS (Czech Data Boxes)
https://bugzilla.redhat.com/show_bug.cgi?id=1922147
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-33.6-1.fc33 (FEDORA-2021-3ee5007953)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
- Add Mageia 8 stable release configs (ngompa13(a)gmail.com) - Update Mageia
Cauldron configuration for Mageia 9 (ngompa13(a)gmail.com) - add RHEL 6 x86_64
configuration
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Pavel Raiskup <praiskup(a)redhat.com> 33.6-1
- Add Mageia 8 stable release configs (ngompa13(a)gmail.com)
- Update Mageia Cauldron configuration for Mageia 9 (ngompa13(a)gmail.com)
- add RHEL 6 x86_64 configuration
--------------------------------------------------------------------------------
================================================================================
mozilla-ublock-origin-1.33.2-1.fc33 (FEDORA-2021-3383ca0a61)
An efficient blocker for Firefox
--------------------------------------------------------------------------------
Update Information:
##Changes since 1.32.4 ### Fixed: * After downgrading to 1.32.4, uBO is broken
* Whitelisting a site on Chromium Edge still blocks resources fetched by service
worker * click2load.html fails to load CNAME-3p frames after click on
tagesschau.de * Only filtered part of rules is uploaded to cloud storage *
remove-attr does not always work * Add AdGuard's noopvmap-1.0 equivalent as a
redirect resource * Using an alias for custom scriptlet in my Filters pane is
seen as invalid * Third party is not detected (or not exposed to the user) ###
Improved: * Add any-delay to timeout/interval boosters * Improve neutered
adsbygoogle scriptlet * Expand managed storage for admins: * Add `userSettings`
entry to managed storage * Add `toOverwrite.filters` entry as managed storage
property * Add `toOverwrite.filterLists` property to managed storage * Adding to
and further reviewing admin-managed settings * Add support for admin-managed
hidden settings * Add ability to lookup effective context from store of frames *
Just extract token from queryprune -- don't create pattern * Fix word-based
selection in filter list editor/viewer * Fix potentially missing context in
logger for popup entries * Improve extraction of tokens from regex-based filters
* Upgrade CodeMirror library to 5.59.0 (from 5.46.0)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Dominik Mierzejewski <rpm(a)greysector.net> - 1.33.2-1
- update to 1.33.2 (#1922482)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1922482 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1922482
--------------------------------------------------------------------------------
================================================================================
nghttp2-1.43.0-1.fc33 (FEDORA-2021-e0dc0a7631)
Experimental HTTP/2 client, server and proxy
--------------------------------------------------------------------------------
Update Information:
- update to the latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Kamil Dudka <kdudka(a)redhat.com> 1.43.0-1
- update to the latest upstream release
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.42.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Nov 24 2020 Kamil Dudka <kdudka(a)redhat.com> 1.42.0-1
- update to the latest upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1924030 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1924030
--------------------------------------------------------------------------------
================================================================================
oggvideotools-0.9.1-4.fc33 (FEDORA-2021-82e41e242c)
Toolbox for manipulating Ogg video files
--------------------------------------------------------------------------------
Update Information:
Just a rebuild to catch new compiler settings in F33.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 6 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.9.1-4
- Fix build and minor rpmlint permission issues
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.1-4
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
osinfo-db-20210202-1.fc33 (FEDORA-2021-28c9947145)
osinfo database files
--------------------------------------------------------------------------------
Update Information:
Update to new release (v20210202)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Fabiano Fid��ncio <fidencio(a)redhat.com> - 20210202-1
- Update to new release (v20210202)
--------------------------------------------------------------------------------
================================================================================
pcre2-10.36-3.fc33 (FEDORA-2021-933191a6c1)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes misparsing long numbers as a backreference and misparing the
numbers without a closing bracket as a quantifier. It also prevents from a
possible NULL pointer dereference in auto_possessify() function.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Petr Pisar <ppisar(a)redhat.com> - 10.36-3
- Fix misparsing long numbers as a backreference and a number without
a closing bracket as a quantifier (upstream bug #2690)
* Fri Jan 15 2021 Petr Pisar <ppisar(a)redhat.com> - 10.36-2
- Fix a possible NULL pointer dereference in auto_possessify()
(upstream bug #2686)
--------------------------------------------------------------------------------
================================================================================
perl-Attean-0.029-1.fc33 (FEDORA-2021-11911dcc88)
Semantic web framework
--------------------------------------------------------------------------------
Update Information:
This release fixes Attean::API::ResultSerializer->serialize_list_to_io. It also
adds Add Attean::API::MutableModel->load_triples_from_io and -n CLI argument to
attean_parse to allow numbering of the results. It also updates Attean
get_parser and get_serializer to allow searching file extensions and media types
for 1-arg calls, Attean::API::Serializer to require file_extensions, and
AtteanX::Serializer::TextTable to print table borders and rules.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Petr Pisar <ppisar(a)redhat.com> - 0.029-1
- 0.029 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1923871 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1923871
--------------------------------------------------------------------------------
================================================================================
perl-Tree-1.15-1.fc33 (FEDORA-2021-96d639cae5)
Tree data structure
--------------------------------------------------------------------------------
Update Information:
This release updates a documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Petr Pisar <ppisar(a)redhat.com> - 1.15-1
- 1.15 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1923810 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1923810
--------------------------------------------------------------------------------
================================================================================
perl-Tree-Simple-VisitorFactory-0.16-1.fc33 (FEDORA-2021-dc94c8c842)
Factory object for dispensing Visitor objects
--------------------------------------------------------------------------------
Update Information:
Added tests and update Makefile.PL
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.16-1
- 0.16 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1923845 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1923845
--------------------------------------------------------------------------------
================================================================================
python-defusedxml-0.7.0~rc2-1.fc33 (FEDORA-2021-32652dea31)
XML bomb protection for Python stdlib modules
--------------------------------------------------------------------------------
Update Information:
Reverts the removal of cElementTree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 27 2021 Miro Hron��ok <mhroncok(a)redhat.com> - 0.7.0~rc2-1
- Update to 0.7.0rc2
- Fixes: rhbz#1915522
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.7.0~rc1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1915522 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1915522
--------------------------------------------------------------------------------
================================================================================
python-eccodes-1.1.0-1.fc33 (FEDORA-2021-07a06730ef)
Python interface to the ecCodes GRIB and BUFR decoder/encoder
--------------------------------------------------------------------------------
Update Information:
new upstream release 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 30 2021 Jos de Kloe <josdekloe(a)gmail.com> 1.1.0-1
- new upstream release 1.1.0
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Nov 13 2020 Jos de Kloe <josdekloe(a)gmail.com> 1.0.0-1
- new upstream release 1.0.0; remove no longer needed patch 3
* Sun Oct 18 2020 Jos de Kloe <josdekloe(a)gmail.com> 0.9.9-1
- new upstream version, and adapt to upstream project name change
- add patch for sphinx configuration problem
- add patch to fix test run for eccodes 2.19.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1918427 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1918427
--------------------------------------------------------------------------------
================================================================================
python2.7-2.7.18-8.fc33 (FEDORA-2021-66547ff92d)
Version 2.7 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-3177
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Miro Hron��ok <mhroncok(a)redhat.com> - 2.7.18-8
- Security fix for CVE-2021-3177
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.18-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1918168 - CVE-2021-3177 python: stack-based buffer overflow in PyCArg_repr in
_ctypes/callproc.c
https://bugzilla.redhat.com/show_bug.cgi?id=1918168
--------------------------------------------------------------------------------
================================================================================
qtractor-0.9.19-1.fc33 (FEDORA-2021-fcc933d16d)
Audio/MIDI multi-track sequencer
--------------------------------------------------------------------------------
Update Information:
Update to 0.;9.19
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Brendan Jones <brendan.jones.it(a)gmail.com> - 0.9.19-1
- Update to 0.9.18
--------------------------------------------------------------------------------
================================================================================
rubygem-mechanize-2.7.7-1.fc33 (FEDORA-2021-db8ebc547e)
A handy web browsing ruby object
--------------------------------------------------------------------------------
Update Information:
New version 2.7.7 is released. Note that a security flaw was found on the
previous version which may allow OS commands' injection, which is now assigned
as CVE-2021-21289 . This new rpm fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.7.7-1
- 2.7.7
- Including fix for CVE-2021-21289
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.6-2.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jan 6 2021 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.7.6-2
- Fix build failure
--------------------------------------------------------------------------------
================================================================================
systemd-246.10-1.fc33 (FEDORA-2021-dcc8b357ea)
System and Service Manager
--------------------------------------------------------------------------------
Update Information:
- Latest bugfix release (#1903106, #1895937). - Fixes #1813219.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 246.10-1
- Latest bugfix release (#1903106, #1895937).
- Fixes #1813219.
* Mon Jan 4 2021 Owen Taylor <otaylor(a)redhat.com> - 246.9-3
- Fix nss-resolve to properly fallback in a Flatpak sandbox
* Sat Jan 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 246.9-2
- Fix bfq patch again (#1813219)
* Wed Dec 16 2020 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 246.9-1
- Minor stable release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1813219 - systemd-udevd issue with mmc on arm
https://bugzilla.redhat.com/show_bug.cgi?id=1813219
[ 2 ] Bug #1903106 - sd_notify timeouts ("Exchange full")
https://bugzilla.redhat.com/show_bug.cgi?id=1903106
--------------------------------------------------------------------------------
================================================================================
texlive-base-20200327-21.fc33 (FEDORA-2021-c08dcba23d)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
Minimize the scope of the "mtxrun --generate" command in the texlive-context
scriptlet so that it does not try to scan the entire system.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Tom Callaway <spot(a)fedoraproject.org> - 7:20200327-21
- set TEXMFLOCAL during the context scriptlet to minimize the scope of where it looks
during mtxrun --generate
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1923745 - texlive-context %transfiletriggerin does a recursive search from /
that can take a very long time
https://bugzilla.redhat.com/show_bug.cgi?id=1923745
--------------------------------------------------------------------------------
================================================================================
thermald-2.4.1-2.fc33 (FEDORA-2021-5565bcc484)
Thermal Management daemon
--------------------------------------------------------------------------------
Update Information:
Add upstream patch fixing parsing of passive targets
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Benjamin Berg <bberg(a)redhat.com> - 2.4.1-2
- Add upstream patch fixing parsing of passive targets
--------------------------------------------------------------------------------
================================================================================
vdr-extrecmenung-2.0.11-1.fc33 (FEDORA-2021-94b98edf26)
Powerful next generation recordings menu replacement plugin for VDR
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.11 incl. dependency to vdr >= 2.4.4-3 to enable rename features
based on EPG
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Peter Bieringer <pb(a)bieringer.de> - 2.0.11-1
- Update to 2.0.11 incl. dependency to vdr >= 2.4.4-3 to enable rename features based
on EPG
--------------------------------------------------------------------------------
================================================================================
vdr-osdteletext-0.9.8-1.fc33 (FEDORA-2021-60d1ee4d75)
OSD teletext plugin for VDR
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.8-1 ---- add configurable 4bpp color mode base on hardcoded
patch
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 0.9.8-1
- Update to 0.9.8
* Wed Jan 27 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 0.9.7-12
- add configurable 4bpp color mode base on hardcoded patch
* Sun Jan 3 2021 Martin Gansser <martinkg(a)fedoraproject.org> - 0.9.7-11
- Rebuilt for new VDR API version
--------------------------------------------------------------------------------
================================================================================
vim-8.2.2451-1.fc33 (FEDORA-2021-518db3ca84)
The VIM editor
--------------------------------------------------------------------------------
Update Information:
The newest upstream commit
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.2451-1
- patchlevel 2451
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:8.2.2311-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 11 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.2311-2
- conflicting the version when the change happened doesnt make sense
* Fri Jan 8 2021 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.2311-1
- patchlevel 2311
--------------------------------------------------------------------------------
================================================================================
wine-6.1-1.fc33 (FEDORA-2021-d806df7654)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
- Arabic text shaping. - More WinRT support in WIDL. - VKD3D version 1.2 is
used for Direct3D 12. - Support for Rosetta's memory layout on M1 Macs. -
Support for Thumb-2 mode on ARM. - Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 1 2021 Michael Cronenworth <mike(a)cchtml.com> 6.1-1
- version update
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 6.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
xpdf-4.03-1.fc33 (FEDORA-2021-013d9a30e0)
A PDF file viewer for the X Window System
--------------------------------------------------------------------------------
Update Information:
Update to 4.03. Fixes CVE-2020-35376 and CVE-2020-25725.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2021 Tom Callaway <spot(a)fedoraproject.org> - 1:4.03-1
- update to 4.03
* Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:4.02-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1899520 - CVE-2020-25725 xpdf: sending crafted a PDF document to the pdftops
tool could result in DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1899520
[ 2 ] Bug #1911349 - CVE-2020-35376 xpdf: stack consumption due to an incorrect
subroutine reference in a Type 1C font charstring
https://bugzilla.redhat.com/show_bug.cgi?id=1911349
--------------------------------------------------------------------------------