The following Fedora 33 Security updates need testing:
Age URL
193
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d587d52c shim-15.4-1
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c24b515a72
firefox-93.0-2.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c5a9c85737
flatpak-1.10.5-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7f5a82ef57
libzapojit-0.0.3-19.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-84f4cf3244
vim-8.2.3512-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-cbad295a90
nodejs-14.18.1-1.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b2c6765a41
thunderbird-91.2.0-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4140b54de2 php-7.4.25-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1cc8ffd122
java-1.8.0-openjdk-1.8.0.312.b07-1.fc33
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-9a51a6f8b1
java-11-openjdk-11.0.13.0.8-1.fc33
The following Fedora 33 Critical Path updates have yet to be approved:
Age URL
212
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2961f34ccb
PackageKit-1.2.3-1.fc33
147
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4797e362b3 abrt-2.14.6-1.fc33
libreport-2.15.1-1.fc33 satyr-0.37-2.fc33
63
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4ccf3840ed
gnome-shell-3.38.6-1.fc33 mutter-3.38.6-1.fc33
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-50faf017ce bc-1.07.1-14.fc33
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c24b515a72
firefox-93.0-2.fc33
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-3b48e0d8cb
tzdata-2021c-1.fc33
11
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5d0f71681e
btrfs-progs-5.14.2-1.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-269ba2a5f1
perl-Encode-3.08-461.fc33
10
https://bodhi.fedoraproject.org/updates/FEDORA-2021-edc35b2812 koji-1.26.1-1.fc33
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c5a9c85737
flatpak-1.10.5-1.fc33
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-54093e2d55 gdb-10.2-4.fc33
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b2c6765a41
thunderbird-91.2.0-1.fc33
The following builds have been pushed to Fedora 33 updates-testing
kernel-5.14.14-100.fc33
notmuch-0.33.1-1.fc33
python-meautility-1.5.0-1.fc33
strongswan-5.9.4-1.fc33
vim-pathogen-2.4-5.20210104gite0a3efb.fc33
wget-1.21.2-2.fc33
Details about builds:
================================================================================
kernel-5.14.14-100.fc33 (FEDORA-2021-85ddb22e57)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.14.14 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 20 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.14.14-0]
- autofs: fix wait name hash calculation in autofs_wait() (Ian Kent)
- Fix up quirk to match upstream (Justin M. Forbes)
- Re-enable CONFIG_RDMA_RXE for Fedora (Justin M. Forbes)
- Fix up backport of Dell XPS 9710 quirk (Justin M. Forbes)
- Fix changelog missing entries (Justin M. Forbes)
--------------------------------------------------------------------------------
================================================================================
notmuch-0.33.1-1.fc33 (FEDORA-2021-e601b9758b)
System for indexing, searching, and tagging email
--------------------------------------------------------------------------------
Update Information:
fix potential information leak (bz #2003106)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 10 2021 Michael J Gruber <mjg(a)fedoraproject.org> 0.33.1-1
- fix potential information leak (bz #2003106)
* Sat Sep 4 2021 Michael J Gruber <mjg(a)fedoraproject.org> 0.33-1
- rebase with upstream release 0.33 (bz #1994846)
* Sun Aug 29 2021 Michael J Gruber <mjg(a)fedoraproject.org> 0.33~rc0-1
- rebase with upstream RC
* Wed Aug 18 2021 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 0.32.3-4
- Remove no longer required info page installation
* Wed Aug 18 2021 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 0.32.3-3
- Remove no longer required
* Wed Aug 18 2021 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 0.32.3-2
- Remove outdated switches in the spec
* Wed Aug 18 2021 Dan ��erm��k <dan.cermak(a)cgc-instruments.com> 0.32.3-1
- New upstream release 0.32.3
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.32.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 28 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32.2-1
- rebase with upstream release 0.32.2 (bz #1976601)
* Wed Jun 9 2021 Michael J Gruber <mjg(a)fedoraproject.org> - 0.32.1-4
- prepare for ELN and upcoming RHEL
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 0.32.1-3
- Rebuilt for Python 3.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2003106 - notmuch-0.33.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2003106
--------------------------------------------------------------------------------
================================================================================
python-meautility-1.5.0-1.fc33 (FEDORA-2021-cfb62c6c28)
Package for multi-electrode array (MEA) handling and stimulation
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.0. Upstream does not provide a changelog or release notes, but
1.5.0 is believed to be a compatible upgrade to 1.4.8. ---- Add a new `python-
meautility-doc` subpackage containing Sphinx-generated documentation in PDF
format. ---- Ensure tests (`MEAutility.tests`) are not packaged.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 19 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 1.5.0-1
- Upgrade to 1.5.0 (close RHBZ#2012846)
- Switch to pyproject-rpm-macros
- Ensure tests are not packaged
- Build Sphinx-generated PDF documentation and add a -doc subpackage
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.8-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun 4 2021 Python Maint <python-maint(a)redhat.com> - 1.4.8-3
- Rebuilt for Python 3.10
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.8-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2012846 - python-meautility-1.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2012846
--------------------------------------------------------------------------------
================================================================================
strongswan-5.9.4-1.fc33 (FEDORA-2021-b3df83339e)
An OpenSource IPsec-based VPN and TNC solution
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2021-41990 and CVE-2021-41991
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 20 2021 Paul Wouters <paul.wouters(a)aiven.io> - 5.9.4-1
- Resolves: rhbz#2015165 strongswan-5.9.4 is available
- Resolves: rhbz#2015611 CVE-2021-41990 strongswan: gmp plugin: integer overflow via a
crafted certificate with an RSASSA-PSS signature
- Resolves: rhbz#2015614 CVE-2021-41991 strongswan: integer overflow when replacing
certificates in cache
- Add BuildRequire for tpm2-tss-devel and weak dependency for tpm2-tools
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 5.9.3-4
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.9.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sat Jul 10 2021 Bj��rn Esser <besser82(a)fedoraproject.org> - 5.9.3-2
- Rebuild for versioned symbols in json-c
* Tue Jul 6 2021 Paul Wouters <paul.wouters(a)aiven.io> - 5.9.3-1
- Resolves: rhbz#1979574 strongswan-5.9.3 is available
- Make strongswan main dir world readable so apps can find strongswan.conf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2015165 - strongswan-5.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2015165
[ 2 ] Bug #2015611 - CVE-2021-41990 strongswan: gmp plugin: integer overflow via a
crafted certificate with an RSASSA-PSS signature [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2015611
[ 3 ] Bug #2015614 - CVE-2021-41991 strongswan: integer overflow when replacing
certificates in cache [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2015614
--------------------------------------------------------------------------------
================================================================================
vim-pathogen-2.4-5.20210104gite0a3efb.fc33 (FEDORA-2021-d9ab6269d4)
Manage your runtimepath
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 20 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> -
2.4-5.20210104gite0a3efb
- chore(update): Latest git snapshot
* Fri Jul 23 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.4-4.20190625gitc6bc424
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> -
2.4-3.20190625gitc6bc424
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
wget-1.21.2-2.fc33 (FEDORA-2021-32d0a39c1a)
A utility for retrieving files using the HTTP or FTP protocols
--------------------------------------------------------------------------------
Update Information:
Fix for #2014743 - wget regression SSL_INIT output even with --quiet enabled
---- New version 1.21.1 Fix for bug #2010039
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 20 2021 Michal Ruprich <mruprich(a)redhat.com> - 1.21.2-2
- Fix for #2014743 - wget regression SSL_INIT output even with --quiet enabled
* Fri Oct 15 2021 Michal Ruprich <mruprich(a)redhat.com> - 1.21.2-1
- New version 1.21.2
- Fix for #2010039 - [abrt] wget: find_cell(): wget killed by SIGSEGV
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2010039 - [abrt] wget: find_cell(): wget killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=2010039
[ 2 ] Bug #2014743 - wget regression SSL_INIT output even with --quiet enabled
https://bugzilla.redhat.com/show_bug.cgi?id=2014743
--------------------------------------------------------------------------------