The following Fedora 32 Security updates need testing:
Age URL
52
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4c8458e373
containernetworking-plugins-0.9.1-1.fc32
48
https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d1596c42
buildah-1.19.4-1.fc32
37
https://bodhi.fedoraproject.org/updates/FEDORA-2021-88d9d29680
python3-3.8.8-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-87e26421fb
linux-firmware-20210315-119.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2024803354
busybox-1.32.1-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-662680e477
rpm-4.15.1.1-1.fc32.1
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-89cb264e4d exim-4.94-2.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-dc534847b2 atasm-1.09-1.fc32
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c93a3a5d3f libldb-2.1.5-1.fc32
samba-4.12.14-0.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5a4377797c
spamassassin-3.4.5-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-619711d709
webkit2gtk3-2.30.6-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
109
https://bodhi.fedoraproject.org/updates/FEDORA-2020-345d2fd2aa
iproute-5.9.0-1.fc32
85
https://bodhi.fedoraproject.org/updates/FEDORA-2021-50c22ae8fd
lua-socket-3.0-0.27.rc1.fc32
37
https://bodhi.fedoraproject.org/updates/FEDORA-2021-88d9d29680
python3-3.8.8-1.fc32
28
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5cf5afe520
hwdata-0.345-1.fc32
18
https://bodhi.fedoraproject.org/updates/FEDORA-2021-ef4aa8623e gdisk-1.0.7-1.fc32
17
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b55547281d
osinfo-db-20210312-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-d191e54a3c
nfs-utils-2.5.3-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-49b5302e38
libmaxminddb-1.5.2-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-b48c01f40a
gnome-shell-3.36.9-1.fc32 mutter-3.36.9-1.fc32
13
https://bodhi.fedoraproject.org/updates/FEDORA-2021-87e26421fb
linux-firmware-20210315-119.fc32
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-e33f35a999
thunderbird-78.8.1-1.fc32
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6540e26fc2 quota-4.05-10.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2021-662680e477
rpm-4.15.1.1-1.fc32.1
4
https://bodhi.fedoraproject.org/updates/FEDORA-2021-c93a3a5d3f libldb-2.1.5-1.fc32
samba-4.12.14-0.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-dd636b1e54
libgweather-3.36.2-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-275679ee22
gtk3-3.24.28-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-619711d709
webkit2gtk3-2.30.6-1.fc32
The following builds have been pushed to Fedora 32 updates-testing
chromium-89.0.4389.90-3.fc32
fedmod-0.6.3-14.fc32
giada-0.17.2-1.fc32
kiwi-9.23.22-1.fc32
libkcapi-1.2.1-1.fc32
nspr-4.30.0-1.fc32
perl-Perl-Metrics-Simple-1.0.1-1.fc32
php-phpunit-php-code-coverage9-9.2.6-1.fc32
python-pykeepass-4.0.0-2.fc32
python-pyunicorn-0.6.1-2.fc32
rsms-inter-fonts-3.16-1.fc32
taglib-1.12-4.fc32
unrealircd-5.0.9.1-1.fc32
video-downloader-0.7.2-1.fc32
whois-5.5.9-1.fc32
xen-4.13.3-1.fc32
ydotool-0.2.0-5.fc32
Details about builds:
================================================================================
chromium-89.0.4389.90-3.fc32 (FEDORA-2021-141d8640ce)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
Fix issue where chromium would crash upon accessing components/cast_*. Thanks to
Gentoo for the patch. It also fixes some security issues, because why not:
CVE-2021-21191 CVE-2021-21192 CVE-2021-21193
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 25 2021 Tom Callaway <spot(a)fedoraproject.org> - 89.0.4389.90-3
- apply upstream fix for newer system libva
* Wed Mar 24 2021 Tom Callaway <spot(a)fedoraproject.org> - 89.0.4389.90-2
- fix crashes with components/cast_*
* Thu Mar 18 2021 Tom Callaway <spot(a)fedoraproject.org> - 89.0.4389.90-1
- update to 89.0.4389.90
- disable auto-download of widevine binary only blob
* Mon Mar 15 2021 Tom Callaway <spot(a)fedoraproject.org> - 89.0.4389.82-2
- add support for futex_time64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1939460 - CVE-2021-21191 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1939460
[ 2 ] Bug #1939461 - CVE-2021-21192 chromium-browser: Heap buffer overflow in tab
groups
https://bugzilla.redhat.com/show_bug.cgi?id=1939461
[ 3 ] Bug #1939462 - CVE-2021-21193 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1939462
--------------------------------------------------------------------------------
================================================================================
fedmod-0.6.3-14.fc32 (FEDORA-2021-2aa85feee0)
Utilities for generating & maintaining modulemd files
--------------------------------------------------------------------------------
Update Information:
Add support for F34, and update rpm2flatpak to use 'stable' branch rather than
'master' (all flatpak master branches were renamed to stable in dist-git).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Kalev Lember <klember(a)redhat.com> - 0.6.3-14
- Add f34 branched dataset and update the default
- rpm2flatpak: Use 'stable' branch rather than 'master'
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.3-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
giada-0.17.2-1.fc32 (FEDORA-2021-254b23994c)
Your hardcore loop machine
--------------------------------------------------------------------------------
Update Information:
New upstream version 0.17.2 ---- Unbundle json/���JSON for Modern
C++���/nlohmann_json
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 28 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.2-1
- New upstream version 0.17.2
- Replace giada-0.17.1-fix-install-path.patch with setting CMAKE_INSTALL_PREFIX
to an unusual value
- Switch to GitHub source tarball
- Validate bundled rtaudio version in %check
- Work around arched json-static for now
* Sat Mar 27 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-5.1
- Fix Fedora 32 compatibility
* Fri Mar 26 2021 Benjamin A. Beasley <code(a)musicinmybrain.net> - 0.17.1-5
- Unbundle json/���JSON for Modern C++���/nlohmann_json
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1943881 - giada-0.17.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1943881
--------------------------------------------------------------------------------
================================================================================
kiwi-9.23.22-1.fc32 (FEDORA-2021-578713e169)
Flexible operating system image builder
--------------------------------------------------------------------------------
Update Information:
Update to 9.23.22 to fix `yum` redirecting to `dnf` properly in image
descriptions.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Neal Gompa <ngompa13(a)gmail.com> - 9.23.22-1
- Update to 9.23.22 (RH#1941503)
* Wed Mar 17 2021 Neal Gompa <ngompa13(a)gmail.com> - 9.23.20-3
- Update kiwi-schema provides to match the current schema version
- Sync systemdeps dependencies from upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1941503 - kiwi-9.23.22 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1941503
--------------------------------------------------------------------------------
================================================================================
libkcapi-1.2.1-1.fc32 (FEDORA-2021-a51c0106f6)
User space interface to the Linux Kernel Crypto API
--------------------------------------------------------------------------------
Update Information:
Update libkcapi to upstream version 1.2.1. Only minor fixes in this release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 15 2021 Sahana Prasad <sahana(a)redhat.com> - 1.2.1-1
- Update to upstream version 1.2.1
- Remove patch fix MSG_MORE uasge as it is added upstream
- Remove cppcheck dependency for rhel bz#1931518
- Add a patch to fix fuzz tests
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nspr-4.30.0-1.fc32 (FEDORA-2021-71928b0f1d)
Netscape Portable Runtime
--------------------------------------------------------------------------------
Update Information:
Update NSPR to 4.30 for NSS 3.63
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 24 2021 Bob Relyea <rrelyea(a)redhat.com> - 4.30.0-1
- Update to NSPR 4.30
--------------------------------------------------------------------------------
================================================================================
perl-Perl-Metrics-Simple-1.0.1-1.fc32 (FEDORA-2021-cefcaa82a2)
Count packages, subs, lines, etc. of many files
--------------------------------------------------------------------------------
Update Information:
This releease improves the tests. ---- This release fixes metadata for its
tests. We deliver it mainly to provide an up-to-date version string. ---- This
release brings a support for HTML and JSON output.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Petr Pisar <ppisar(a)redhat.com> - 1.0.1-1
- 1.0.1 bump
* Fri Mar 26 2021 Petr Pisar <ppisar(a)redhat.com> - 1.0.0-2
- Correct dependencies for the tests
* Fri Mar 26 2021 Petr Pisar <ppisar(a)redhat.com> - 1.0.0-1
- 1.0.0 bump
* Mon Mar 22 2021 Michal Josef Spacek <mspacek(a)redhat.com> - 0.19-1
- 0.19 bump
- Package tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1941319 - perl-Perl-Metrics-Simple-0.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1941319
[ 2 ] Bug #1943227 - perl-Perl-Metrics-Simple-1.0.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1943227
[ 3 ] Bug #1943812 - perl-Perl-Metrics-Simple-1.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1943812
--------------------------------------------------------------------------------
================================================================================
php-phpunit-php-code-coverage9-9.2.6-1.fc32 (FEDORA-2021-8208d43505)
PHP code coverage information
--------------------------------------------------------------------------------
Update Information:
**Version 9.2.6** - 2021-03-28 Fixed *
[#846](https://github.com/sebastianbergmann/php-code-coverage/issues/846):
Method name should not appear in the method signature attribute of Cobertura XML
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Remi Collet <remi(a)remirepo.net> - 9.2.6-1
- update to 9.2.6
--------------------------------------------------------------------------------
================================================================================
python-pykeepass-4.0.0-2.fc32 (FEDORA-2021-962f77cf03)
Python library to interact with keepass databases
--------------------------------------------------------------------------------
Update Information:
build: Drop manual Requires
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 4.0.0-2
- build: Drop manual Requires
--------------------------------------------------------------------------------
================================================================================
python-pyunicorn-0.6.1-2.fc32 (FEDORA-2021-4e160e605b)
Unified complex network and recurrence analysis toolbox
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
rsms-inter-fonts-3.16-1.fc32 (FEDORA-2021-e0d935bd62)
The Inter font family
--------------------------------------------------------------------------------
Update Information:
* Fixes issues with appearance in Microsoft Word.
[#352](https://github.com/rsms/inter/issues/352) (note that
[#156](https://github.com/rsms/inter/issues/156) is still unresolved although we
have made some progress in v3.16 toward developing workarounds for certain
printers.) * Fixes double grave interpolation issue.
[#317](https://github.com/rsms/inter/issues/317) * Fixes design issue with
glyphs acutedblnosp, dblgravecmb, uni02F6 and uni02F5.
[#339](https://github.com/rsms/inter/issues/339) * Fixes missing or incorrect
mark anchors in several turn* glyphs.
[#336](https://github.com/rsms/inter/issues/336) * Adds Baht currency glyph
U+0E3F. [#323](https://github.com/rsms/inter/issues/323) * Improvement to
Latin iota (lower and upper case) glyphs.
[#340](https://github.com/rsms/inter/issues/340) * Improvement to some
numerical fraction glyphs * Adds a dummy DSIG table to address issues with
Microsoft Office 2003 and older * Improvements when using Inter with certain
older Microsoft products by decomposing any nested components which some of that
software has issues with
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Mohamed El Morabity <melmorabity(a)fedoraproject.org> - 3.16-1
- Update to 3.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1944063 - rsms-inter-fonts-3.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1944063
--------------------------------------------------------------------------------
================================================================================
taglib-1.12-4.fc32 (FEDORA-2021-7fa34a0d1f)
Audio Meta-Data Library
--------------------------------------------------------------------------------
Update Information:
Latest stable upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 1.12-4
- fix multilib.patch (#1943870)
* Wed Mar 3 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 1.12-3
- -devel: fix/drop -lz references in taglib-config, taglib.pc
* Tue Feb 16 2021 Rex Dieter <rdieter(a)fedoraproject.org> - 1.12-2
- use versioned obsoletes
* Tue Feb 16 2021 David King <amigadave(a)amigadave.com> - 1.12-1
- Update to 1.12 (#1584870)
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.1-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
unrealircd-5.0.9.1-1.fc32 (FEDORA-2021-9abcc06b19)
Open Source IRC server
--------------------------------------------------------------------------------
Update Information:
# UnrealIRCd 5.0.9.1 * Build improvements on *NIX
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 26 2021 Robert Scheck <robert(a)fedoraproject.org> 5.0.9.1-1
- Upgrade to 5.0.9.1 (#1943492)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1943492 - unrealircd-5.0.9.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1943492
--------------------------------------------------------------------------------
================================================================================
video-downloader-0.7.2-1.fc32 (FEDORA-2021-47c0b39bcc)
Download videos from websites like YouTube and many others
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.7.2-1
- build(update): 0.7.2
* Mon Feb 8 2021 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.7.1-1
- build(update): 0.7.1
--------------------------------------------------------------------------------
================================================================================
whois-5.5.9-1.fc32 (FEDORA-2021-03b2a9bd68)
Improved WHOIS client
--------------------------------------------------------------------------------
Update Information:
This release updates records for cd., cf., and ga. domains. It also removes
records for 72 deceased domains.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Petr Pisar <ppisar(a)redhat.com> - 5.5.9-1
- 5.5.9 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1943877 - whois-5.5.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1943877
--------------------------------------------------------------------------------
================================================================================
xen-4.13.3-1.fc32 (FEDORA-2021-bbbefdb6ec)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
update to 4.13.3
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 29 2021 Michael Young <m.a.young(a)durham.ac.uk> - 4.13.3-1
- update to 4.13.3
remove patches now included or superceded upstream
adjust xen.hypervisor.config
--------------------------------------------------------------------------------
================================================================================
ydotool-0.2.0-5.fc32 (FEDORA-2021-ad96c76e97)
Generic command-line automation tool (no X!)
--------------------------------------------------------------------------------
Update Information:
Rebuilt for updated systemd-rpm-macros
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 2 2021 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.2.0-5
- Rebuilt for updated systemd-rpm-macros
See
https://pagure.io/fesco/issue/2583.
* Thu Jan 28 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Jonathan Wakely <jwakely(a)redhat.com> - 0.2.0-3
- Rebuilt for Boost 1.75
* Wed Jan 20 2021 Bob Hepple <bob.hepple(a)gmail.com> - 0.2.0-2
- rebuilt excluding s390x and ppc64le
* Mon Jan 11 2021 Bob Hepple <bob.hepple(a)gmail.com> - 0.2.0-1
- new version
- upstream has dropped the idea of -devel libraries so we are only
distributing the regular package now; also libevdevPlus-devel and
libuInputPlus-devel are no longer needed as they are now compiled
in.
--------------------------------------------------------------------------------