The following Fedora 31 Security updates need testing:
Age URL
48
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c5ec22e14f libuv-1.39.0-1.fc31
nodejs-12.18.4-1.fc31
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd
freetype-2.10.0-4.fc31
7
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3
thunderbird-78.4.0-1.fc31
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-bf41fcdeba libntlm-1.6-1.fc31
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-477b00a4d8
libtpms-0.7.4-0.20201031git2452a24dab.fc31
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a857113c7a nss-3.58.0-3.fc31
4
https://bodhi.fedoraproject.org/updates/FEDORA-2020-53773f4954 mujs-1.0.9-1.fc31
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-15e15c35da
wordpress-5.5.3-1.fc31
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-84137f197e
java-latest-openjdk-15.0.1.9-1.rolling.fc31
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-6dd36a716c xen-4.12.3-8.fc31
The following Fedora 31 Critical Path updates have yet to be approved:
Age URL
86
https://bodhi.fedoraproject.org/updates/FEDORA-2020-72bc7df001
libunwind-1.3.1-7.fc31
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-747b6fb156
linux-firmware-20201022-113.fc31
13
https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd
freetype-2.10.0-4.fc31
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-df2ee7a68b
nfs-utils-2.5.2-0.fc31
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-43eb9f7d6a pcre2-10.35-8.fc31
7
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3
thunderbird-78.4.0-1.fc31
7
https://bodhi.fedoraproject.org/updates/FEDORA-2020-eeb0523bd0
mtools-4.0.25-1.fc31
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a857113c7a nss-3.58.0-3.fc31
5
https://bodhi.fedoraproject.org/updates/FEDORA-2020-c635688f4e
libbluray-1.2.1-2.fc31
2
https://bodhi.fedoraproject.org/updates/FEDORA-2020-2f6168af2a
vim-8.2.1941-1.fc31
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-6dd36a716c xen-4.12.3-8.fc31
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-2770d15afa
hwdata-0.341-1.fc31
The following builds have been pushed to Fedora 31 updates-testing
buildah-1.17.0-1.fc31
ceph-14.2.13-1.fc31
chatterino2-2.2.2-1.fc31
container-selinux-2.151.0-1.fc31
firefox-82.0.2-4.fc31
galera-25.3.31-1.fc31
groonga-10.0.8-1.fc31
ipmctl-02.00.00.3830-1.fc31
krb5-1.17-47.fc31
mariadb-10.3.26-1.fc31
mariadb-connector-c-3.1.11-1.fc31
openbgpd-6.8p1-1.fc31
perl-PathTools-3.78-441.fc31
slirp4netns-1.1.6-1.fc31
Details about builds:
================================================================================
buildah-1.17.0-1.fc31 (FEDORA-2020-646a0a4648)
A command line tool used for creating OCI Images
--------------------------------------------------------------------------------
Update Information:
Autobuilt v1.17.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 1.17.0-1
- autobuilt v1.17.0
--------------------------------------------------------------------------------
================================================================================
ceph-14.2.13-1.fc31 (FEDORA-2020-04027a7b1b)
User space components of the Ceph file system
--------------------------------------------------------------------------------
Update Information:
ceph 14.2.3 GA
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 2 2020 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 2:14.2.13-1
- ceph 14.2.13 GA
--------------------------------------------------------------------------------
================================================================================
chatterino2-2.2.2-1.fc31 (FEDORA-2020-f8d6986d92)
Chat client for twitch.tv
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.2.2-1
- build(update): 2.2.2
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1.7-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sat May 30 2020 Jonathan Wakely <jwakely(a)redhat.com> - 2.1.7-2
- Rebuilt for Boost 1.73
--------------------------------------------------------------------------------
================================================================================
container-selinux-2.151.0-1.fc31 (FEDORA-2020-7f35353478)
SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:
Autobuilt v2.151.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 2:2.151.0-1
- autobuilt v2.151.0
--------------------------------------------------------------------------------
================================================================================
firefox-82.0.2-4.fc31 (FEDORA-2020-d9020b3054)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
- Require mozilla-openh264 package - Add firefox testing scripts ---- -
Disabled LTO due to database access issues (rhbz#1893474)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 3 2020 Martin Stransky <stransky(a)redhat.com> - 82.0.2-4
- Added mozilla-openh264 dependency to play H264 clips out of the box
- Updated Firefox tests
* Tue Nov 3 2020 Martin Stransky <stransky(a)redhat.com> - 82.0.2-3
- Disabled LTO again.
* Tue Nov 3 2020 Martin Stransky <stransky(a)redhat.com> - 82.0.2-2
- NSS debug build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1893474 - firefox-82.0.2-1.fc33 breaks gmail and several extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1893474
[ 2 ] Bug #1894217 - Cannot play H.264 video with OpenH264
https://bugzilla.redhat.com/show_bug.cgi?id=1894217
--------------------------------------------------------------------------------
================================================================================
galera-25.3.31-1.fc31 (FEDORA-2020-ac2d47d89a)
Synchronous multi-master wsrep provider (replication engine)
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.3.26** **MariaDB connector C/C++ 3.1.11** **Galera 25.3.26**
Release notes:
https://mariadb.com/kb/en/mariadb-10326-release-notes/
https://mariadb.com/kb/en/mariadb-connector-c-3111-release-notes/ ----
**MariaDB 10.3.25** Release notes:
https://mariadb.com/kb/en/mariadb-10325-release-notes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 4 2020 Michal Schorm <mschorm(a)redhat.com> - 25.3.31-1
- Rebase to 25.3.31
* Mon Oct 26 2020 Michal Schorm <mschorm(a)redhat.com> - 25.3.30-1
- Rebase to 25.3.30
* Fri Jun 5 2020 Michal Schorm <mschorm(a)redhat.com> - 25.3.29-1
- Rebase to 25.3.29
Resolves: rhbz#1546787
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830119 - CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814
mariadb:10.3/mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1830119
[ 2 ] Bug #1843796 - CVE-2020-13249 mariadb:10.3/mariadb: mariadb-connector-c: Improper
validation of content in a OK packet received from server [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1843796
[ 3 ] Bug #1846527 - CVE-2020-2780 mariadb:10.3/mariadb: mysql: Server: DML unspecified
vulnerability (CPU Apr 2020) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1846527
[ 4 ] Bug #1894078 - CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812
mariadb: various flaws [fedora-31]
https://bugzilla.redhat.com/show_bug.cgi?id=1894078
[ 5 ] Bug #1894663 - mariadb-connector-c-3.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1894663
--------------------------------------------------------------------------------
================================================================================
groonga-10.0.8-1.fc31 (FEDORA-2020-d5fa3f312e)
An Embeddable Fulltext Search Engine
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 Kentaro Hayashi <kenhys(a)gmail.com>
- New upstream release
* Tue Sep 29 2020 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl>
- Rebuilt for libevent 2.1.12
--------------------------------------------------------------------------------
================================================================================
ipmctl-02.00.00.3830-1.fc31 (FEDORA-2020-351d3cc194)
Utility for managing Intel Optane DC persistent memory modules
--------------------------------------------------------------------------------
Update Information:
Update to GitHub release v02.00.00.3830
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 4 2020 Steven Pontsler <steven.pontsler(a)intel.com> - 02.00.00.3830-1
- Release 02.00.00.3830
--------------------------------------------------------------------------------
================================================================================
krb5-1.17-47.fc31 (FEDORA-2020-0df38b2843)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
- Fix CVE-2020-28196 (DoS in ASN.1 parsing due to missing recursion depth
checks) - fc32 + fc33 only: pull-up to rawhide
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 Robbie Harwood <rharwood(a)redhat.com> - 1.17-47
- Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196)
--------------------------------------------------------------------------------
================================================================================
mariadb-10.3.26-1.fc31 (FEDORA-2020-ac2d47d89a)
A very fast and robust SQL database server
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.3.26** **MariaDB connector C/C++ 3.1.11** **Galera 25.3.26**
Release notes:
https://mariadb.com/kb/en/mariadb-10326-release-notes/
https://mariadb.com/kb/en/mariadb-connector-c-3111-release-notes/ ----
**MariaDB 10.3.25** Release notes:
https://mariadb.com/kb/en/mariadb-10325-release-notes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 4 2020 Michal Schorm <mschorm(a)redhat.com> - 10.3.26-1
- Rebase to 10.3.26
* Mon Oct 26 2020 Michal Schorm <mschorm(a)redhat.com> - 10.3.25-1
- Rebase to 10.3.25
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830119 - CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814
mariadb:10.3/mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1830119
[ 2 ] Bug #1843796 - CVE-2020-13249 mariadb:10.3/mariadb: mariadb-connector-c: Improper
validation of content in a OK packet received from server [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1843796
[ 3 ] Bug #1846527 - CVE-2020-2780 mariadb:10.3/mariadb: mysql: Server: DML unspecified
vulnerability (CPU Apr 2020) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1846527
[ 4 ] Bug #1894078 - CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812
mariadb: various flaws [fedora-31]
https://bugzilla.redhat.com/show_bug.cgi?id=1894078
[ 5 ] Bug #1894663 - mariadb-connector-c-3.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1894663
--------------------------------------------------------------------------------
================================================================================
mariadb-connector-c-3.1.11-1.fc31 (FEDORA-2020-ac2d47d89a)
The MariaDB Native Client library (C driver)
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.3.26** **MariaDB connector C/C++ 3.1.11** **Galera 25.3.26**
Release notes:
https://mariadb.com/kb/en/mariadb-10326-release-notes/
https://mariadb.com/kb/en/mariadb-connector-c-3111-release-notes/ ----
**MariaDB 10.3.25** Release notes:
https://mariadb.com/kb/en/mariadb-10325-release-notes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 4 2020 Michal Schorm <mschorm(a)redhat.com> - 3.1.11-1
- Rebase to 3.1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830119 - CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814
mariadb:10.3/mariadb: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1830119
[ 2 ] Bug #1843796 - CVE-2020-13249 mariadb:10.3/mariadb: mariadb-connector-c: Improper
validation of content in a OK packet received from server [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1843796
[ 3 ] Bug #1846527 - CVE-2020-2780 mariadb:10.3/mariadb: mysql: Server: DML unspecified
vulnerability (CPU Apr 2020) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1846527
[ 4 ] Bug #1894078 - CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812
mariadb: various flaws [fedora-31]
https://bugzilla.redhat.com/show_bug.cgi?id=1894078
[ 5 ] Bug #1894663 - mariadb-connector-c-3.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1894663
--------------------------------------------------------------------------------
================================================================================
openbgpd-6.8p1-1.fc31 (FEDORA-2020-835de3943e)
OpenBGPD Routing Daemon
--------------------------------------------------------------------------------
Update Information:
OpenBGPD 6.8p1 ============== This is the second stable release for the 6.8
version. It includes the following change: * Include OpenBSD 6.8 errata 001:
In `bgpd`, the roa-set parser could leak memory.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 Robert Scheck <robert(a)fedoraproject.org> 6.8p1-1
- Upgrade to 6.8p1 (#1895063)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1895063 - openbgpd-6.8p1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1895063
--------------------------------------------------------------------------------
================================================================================
perl-PathTools-3.78-441.fc31 (FEDORA-2020-7e091212a9)
PathTools Perl module (Cwd, File::Spec)
--------------------------------------------------------------------------------
Update Information:
This release fixes copying memory in a Cwd module.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 Petr Pisar <ppisar(a)redhat.com> - 3.78-441
- Fix an off-by-one in bsd_realpath()
* Thu Feb 6 2020 Tom Stellard <tstellar(a)redhat.com> - 3.78-440
- Spec file cleanups: Use make_build and make_install macros
-
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make
-
https://fedoraproject.org/wiki/Perl/Tips#ExtUtils::MakeMake
--------------------------------------------------------------------------------
================================================================================
slirp4netns-1.1.6-1.fc31 (FEDORA-2020-d8185f7c6f)
slirp for network namespaces
--------------------------------------------------------------------------------
Update Information:
Autobuilt v1.1.6
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 5 2020 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 1.1.6-1
- autobuilt v1.1.6
--------------------------------------------------------------------------------