The following Fedora 34 Security updates need testing:
Age URL
62
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6aba96e1b8
radare2-5.6.4-1.fc34
14
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
14
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5e637f6cc6
podman-3.4.7-1.fc34
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b0a47f8060
freerdp-2.7.0-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a0a4c7eb31 redis-6.2.7-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5d6aaab56e
maven-shared-utils-3.2.1-0.9.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5cfe372ab7
mariadb-10.5.15-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9cc421562b
java-1.8.0-openjdk-1.8.0.332.b09-1.fc34 java-11-openjdk-11.0.15.0.10-1.fc34
java-17-openjdk-17.0.3.0.7-1.fc34 java-latest-openjdk-18.0.1.0.10-1.rolling.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-34de4f833d
cifs-utils-6.15-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc5776b142
curl-7.76.1-15.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d9d630891d
blender-2.93.8-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f624aad735
libxml2-2.9.14-1.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-abbb9d5575
seamonkey-2.53.12-1.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-0f15da474c
firefox-100.0-2.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-857d1f7050
mingw-SDL2_ttf-2.0.18-2.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
392
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
114
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3b891fe11 gdb-11.1-7.fc34
62
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f3103b973
hwdata-0.357-1.fc34
44
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dab75a01b8
gnome-shell-40.10-1.fc34 gnome-shell-extensions-40.7-1.fc34 mutter-40.10-1.fc34
29
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb1d10aba3 libldb-2.3.3-1.fc34
samba-4.14.13-0.fc34
14
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
14
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-86a5792181
webkit2gtk3-2.36.1-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-13c91c9fef
langtable-0.0.58-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-41e16c6c1e annobin-9.79-5.fc34
gcc-11.3.1-2.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-681d2ee7ea rtkit-0.11-28.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c17b776b17 inih-55-1.fc34
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b0a47f8060
freerdp-2.7.0-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-095ac0abfb
livecd-tools-30.0-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-47554f7728
gnutls-3.7.4-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f624aad735
libxml2-2.9.14-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc5776b142
curl-7.76.1-15.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-0f15da474c
firefox-100.0-2.fc34
The following builds have been pushed to Fedora 34 updates-testing
erlang-23.3.4.14-1.fc34
fldigi-4.1.21-1.fc34
freetype-2.10.4-6.fc34
glibmm24-2.66.4-1.fc34
gtkmm30-3.24.6-1.fc34
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc34
keylime-6.4.0-1.fc34
mangohud-0.6.7-2.fc34
mingw-glibmm24-2.66.4-1.fc34
mingw-gtkmm30-3.24.6-1.fc34
myproxy-6.2.9-9.fc34
osbuild-composer-51-1.fc34
perl-Alien-Libxml2-0.17-5.fc34
scap-security-guide-0.1.61-1.fc34
Details about builds:
================================================================================
erlang-23.3.4.14-1.fc34 (FEDORA-2022-ce839ef954)
General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:
Erlang ver. 23.3.4.14
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Peter Lemenkov <lemenkov(a)gmail.com> - 23.3.4.14-1
- Ver. 23.3.4.14
--------------------------------------------------------------------------------
================================================================================
fldigi-4.1.21-1.fc34 (FEDORA-2022-b7e5aeb093)
Digital modem program for Linux
--------------------------------------------------------------------------------
Update Information:
Version 4.1.21 * Maintenance release . many changes, refer to
git log APPLE PortAudio * add device index to device names to allow
fldigi choice menu to discern amongst identical devices . i.e.
multiple C-Media USB Audio Devices will possibly list as -
C-Media USB Audio Device #3 - C-Media USB Audio Device #5 Lion
compilation * fix missing includes for mach_time.h in cw.cxx IPC log
report * change logging date report to date ON vice date OFF xmlrpc
methods * add new methods all data in ADIF 3.1.2 compliant format
. logbook.last_record . logbook.all_records * add new methods as
ADIF 3.1.2 compliant strings . modem.get_mode .
modem.get_submode * add new date-time methods . log.get_time_on
. log.get_date_on . log.get_time_off . log.get_date_off
date-time correctly synchronized and in ZULU time CW h/w weight *
provide control to control keying weight for DTR/RTS keying. build
m4 script * correction to m4 build script for libmbedtls test trx fft
* Add fft monitoring of transmitted signal flrig poll * provide user
configurable poll interval CW/FSK * update flrig cw/rtty code *
update rigcat FSK code - separate all bit timing from main thread
- adjust sleep method for OS-X performance - adjust sleep method for
Windows OS * add missing FSK commport control initialization *
update cwio DTR/RTS rigcat keying - replace bit timing with high
resolution interval timer - deprecate timing compensation - test
satisfactory on Linux, 5 to 100 WPM log macro * fix parsing bug when
a trailing <HS, <LOCK etc is in macro text psk reporter * update to
report generation logic Documentation * Build instructions, update
link * operating multiple copies, fix --config-dir text FFT Monitor
update * Add complex signal processing to FFT usage CW multi-channel
* changed cw viewer multi-decoder filtering to use independent fir
bandpass filter centered on 50 Hz intervals . out-of-band reject 60 dB
between adjacent channels * add right click clears channel to cw viewer
PO translator recognition * Correct entry for Italian translator fmt
debug file * suppress writing fmt debug.csv file IFKP Avatar *
Fix crash when sending IFKP avatar FSK keying * add ability to key
xcvr in FSK using either . a DTR or RTS serial signal line (default
RTS). . serial port can be shared with rigio or a separate port *
SPACE always sent as LETTERS character * 100% functional on Linux
including Pi3/4 * 100% functional on on macOS 11.6, 10.13.6, and 10.7.5
* 100% functional on Win-10 * BUG - fixed excessive CPU usage while Tx
without text (idle) * TIMING - tune timing loop for slow cpu's such as Pi3
* update to accu_sleep . improved function performance . move
accu_sleep to util.cxx * update to baudot generator * add flrig /
FSK interface xmlrpc QSY * add enable/disable QSY xmlrpc command for
server dxcluster * bug - do not change mode if comments do not
contain a valid ADIF mode name * set correct mode based on dxline
contents * qsy to rf/sweetspot for identified mode Mode Parameters
* save squelch settings by mode and reapply when mode selected: squelch
value, squelch button . setting saved in file squelch_by_mode.prefs
located in the fldigi main files folder. prefs files are
user editable text format which are read during program start up.
* save and reapply AFC state by mode * save and reapply TX level
attenuator by mode * initialize all values to current states on first
execution, or when file mode_state.prefs is deleted. MAPIT macro *
force lat/lon specifier to use '.' and NOT ',' Google maps will
not
accept the ',' decimal separator Documentation update * add/update
documentation for . Domino-EX Micro . OFDM modes . Thor
Micro . Thor 25/50/100 . 8 psk modes Polish translation
update * update to pl.po provided by Roman Baginski, SP4JEU flarq
using fix WinKeyer * Fix disconnect between fldigi and WinKeyer
potentiometer * Change WK WPM char/space timing. . remove
dependence on winkeyer echo . allow user to calibrate to a nominal WPM
setting KNWD cat keying synop event reporting * changed default
event reporting to VERBOSE to reduce event log noise for users not
operating SYNOP RsID EOT * Add RsID end-of-transmission code
sequence, 263 . separately configurable notify dialog MacOS Lion
seg fault * Disallow static instantiation of cMorse class. .
ALWAYS USE cMorse * instantiation. using namespace std * deprecate
usage. conflicts caused by c++11 compiler when building 64 bit minGW
target . remove all use of "using namespace std" . add explicit
"std::" predecessor for every standard lib reference
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Richard Shaw <hobbes1069(a)gmail.com> - 4.1.21-1
- Update to 4.1.21.
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.1.20-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2081549 - fldigi-4.1.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2081549
--------------------------------------------------------------------------------
================================================================================
freetype-2.10.4-6.fc34 (FEDORA-2022-5e45671294)
A free and portable font rendering engine
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-27404, CVE-2022-27405 and CVE-2022-27406.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Marek Kasik <mkasik(a)redhat.com> - 2.10.4-6
- Guard face->size
- Resolves: #2079181
* Tue May 3 2022 Marek Kasik <mkasik(a)redhat.com> - 2.10.4-5
- Properly guard "face_index"
- Resolves: #2079255
* Tue May 3 2022 Marek Kasik <mkasik(a)redhat.com> - 2.10.4-4
- Avoid invalid face index
- Resolves: #2079203
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2077985 - CVE-2022-27406 Freetype: Segmentation violation
https://bugzilla.redhat.com/show_bug.cgi?id=2077985
[ 2 ] Bug #2077989 - CVE-2022-27404 FreeType: Buffer Overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2077989
[ 3 ] Bug #2077991 - CVE-2022-27405 FreeType: Segementation Fault
https://bugzilla.redhat.com/show_bug.cgi?id=2077991
--------------------------------------------------------------------------------
================================================================================
glibmm24-2.66.4-1.fc34 (FEDORA-2022-ce42d27317)
C++ interface for the GLib library
--------------------------------------------------------------------------------
Update Information:
Update to 2.66.4 and 3.24.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 David King <amigadave(a)amigadave.com> - 2.66.4-1
- Update to 2.66.4
* Tue May 3 2022 David King <amigadave(a)amigadave.com> - 2.66.3-1
- Update to 2.66.3
--------------------------------------------------------------------------------
================================================================================
gtkmm30-3.24.6-1.fc34 (FEDORA-2022-ce42d27317)
C++ interface for the GTK+ library
--------------------------------------------------------------------------------
Update Information:
Update to 2.66.4 and 3.24.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 David King <amigadave(a)amigadave.com> - 3.24.6-1
- Update to 3.24.6
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc34 (FEDORA-2022-efaa7e8775)
OpenJDK Runtime Environment 8 in a preview of the OpenJDK AArch32 project
--------------------------------------------------------------------------------
Update Information:
8u332 update
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Alex Kashchenko <akashche(a)redhat.com> - 1:1.8.0.332.b09-1
- update sources to 8u332
- sync with mainline package
--------------------------------------------------------------------------------
================================================================================
keylime-6.4.0-1.fc34 (FEDORA-2022-f9ace23a78)
Open source TPM software for Bootstrapping and Maintaining Trust
--------------------------------------------------------------------------------
Update Information:
Updating for Keylime release v6.4.0 Fixes CVE-2022-1053
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Sergio Correia <scorreia(a)redhat.com> - 6.4.0-1
- Updating for Keylime release v6.4.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2065024 - Private bug
https://bugzilla.redhat.com/show_bug.cgi?id=2065024
--------------------------------------------------------------------------------
================================================================================
mangohud-0.6.7-2.fc34 (FEDORA-2022-ca59fd18ac)
Vulkan overlay layer for monitoring FPS, temperatures, CPU/GPU load and more
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> - 0.6.7-1
- chore(update): 0.6.7
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mingw-glibmm24-2.66.4-1.fc34 (FEDORA-2022-8407a4e3fe)
MinGW Windows C++ interface for GTK2 (a GUI library for X)
--------------------------------------------------------------------------------
Update Information:
Update to gtkmm30-3.24.6 and glibmm-2.66.4, see
https://ftp.fau.de/gnome/sources/gtkmm/3.24/gtkmm-3.24.6.news and
https://ftp.fau.de/gnome/sources/glibmm/2.66/glibmm-2.66.4.news for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Sandro Mani <manisandro(a)gmail.com> - 2.66.4-1
- Update to 2.66.4
* Wed May 4 2022 Sandro Mani <manisandro(a)gmail.com> - 2.66.3-1
- Update to 2.66.3
--------------------------------------------------------------------------------
================================================================================
mingw-gtkmm30-3.24.6-1.fc34 (FEDORA-2022-8407a4e3fe)
MinGW Windows C++ interface for the GTK+ library
--------------------------------------------------------------------------------
Update Information:
Update to gtkmm30-3.24.6 and glibmm-2.66.4, see
https://ftp.fau.de/gnome/sources/gtkmm/3.24/gtkmm-3.24.6.news and
https://ftp.fau.de/gnome/sources/glibmm/2.66/glibmm-2.66.4.news for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Sandro Mani <manisandro(a)gmail.com> - 3.24.6-1
- Update to 3.24.6
* Fri Mar 25 2022 Sandro Mani <manisandro(a)gmail.com> - 3.24.5-4
- Rebuild with mingw-gcc-12
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.24.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.24.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
myproxy-6.2.9-9.fc34 (FEDORA-2022-711eaf8222)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
Support both SHA1 and SHA256. SHA1 is not allowed by default by OpenSSL in RHEL
9.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.2.9-9
- Support both SHA1 (backward compatibility) and SHA256 (compatible with
openssl 3.0.2)
--------------------------------------------------------------------------------
================================================================================
osbuild-composer-51-1.fc34 (FEDORA-2022-41c7ae38de)
An image building service based on osbuild
--------------------------------------------------------------------------------
Update Information:
Update osbuild-composer to the latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Packit <hello(a)packit.dev> - 51-1
Changes with 51
----------------
* Add 9.1 alias & 8.7 test repositories (#2602)
* Devcontainer update to Fedora 36. (#2609)
* Don't support `gce-rhui` image type on CentOS Stream 8 (#2600)
* New functions for resizing partitions based on directory size requirements (#2588)
* RHEL-8.6/9.0 EC2 SAP image changes (#2574)
* Schutzfile: Pin osbuild version to use minimal required caps (#2597)
* Update GPG keys for all RHEL 8.x repos (#2563)
* Use array of objects to maintain order for RPM stage inputs (#2578)
* build(deps): bump
cloud.google.com/go/cloudbuild from 1.0.0 to 1.2.0 (#2553)
* build(deps): bump
cloud.google.com/go/compute from 1.6.0 to 1.6.1 (#2587)
* build(deps): bump
github.com/Azure/azure-sdk-for-go from 63.1.0+incompatible to
63.4.0+incompatible (#2583)
* build(deps): bump
github.com/Azure/go-autorest/autorest from 0.11.25 to 0.11.27
(#2579)
* build(deps): bump
github.com/aws/aws-sdk-go from 1.43.42 to 1.44.4 (#2606)
* build(deps): bump
github.com/google/go-cmp from 0.5.7 to 0.5.8 (#2607)
* build(deps): bump
github.com/hashicorp/go-retryablehttp from 0.7.0 to 0.7.1 (#2571)
* build(deps): bump
google.golang.org/api from 0.74.0 to 0.75.0 (#2585)
* cloudapi/v2: Generate valid GCP image name (#2586)
* disk: fix ensureLVM for partition tables without /boot (#2580)
* entrypoint - add parameters for socket bind address and port (#2605)
* image-info: dynamically detect the rpm database (#2594)
* rhel85: automatically convert to LVM on fs customizations (#2552)
* tools/generate-all-test-cases: add `manifests` command (#2593)
* worker: add proxy support to worker (#2576)
* ������������ Introduce chain dependency solving (#2568)
Contributions from: Achilleas Koutsou, Alexander Todorov, Christian Kellner, Ond��ej
Budai, Sanne Raymaekers, Simon de Vlieger, Tomas Hozza, Ygal Blum, dependabot[bot]
��� Somewhere on the Internet, 2022-05-04
* Thu Apr 28 2022 Packit <hello(a)packit.dev> - 46.3-1
CHANGES WITH 46.3:
----------------
* disk: fix ensureLVM for partition tables without /boot (#2580)
Contributions from: Achilleas Koutsou, Christian Kellner
��� Liberec, 2022-04-28
--------------------------------------------------------------------------------
================================================================================
perl-Alien-Libxml2-0.17-5.fc34 (FEDORA-2022-4fb32b461f)
Install the C libxml2 library on your system
--------------------------------------------------------------------------------
Update Information:
Rebuilt against libxml2-2.9.14
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.17-5
- Rebuild against libxml2-2.9.14
--------------------------------------------------------------------------------
================================================================================
scap-security-guide-0.1.61-1.fc34 (FEDORA-2022-0f891f03f2)
Security guidance and baselines in SCAP formats
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.1.61
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Watson Sato <wsato(a)redhat.com> - 0.1.61-1
- Update to latest upstream SCAP-Security-Guide-0.1.61 release:
https://github.com/ComplianceAsCode/content/releases/tag/v0.1.61
--------------------------------------------------------------------------------