The following Fedora 36 Security updates need testing:
Age URL
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ece4f6d74
mingw-freetype-2.12.1-1.fc36
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bbee226200
seamonkey-2.53.12-1.fc36
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-280ac942be
mingw-SDL2_ttf-2.0.18-3.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb9cc91549
java-1.8.0-openjdk-aarch32-1.8.0.332.b09-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-748fda10e7
keylime-6.4.0-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a6ebe688a
thunderbird-91.9.0-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-916bb58e38
slurm-21.08.8-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-509887bd99
supertux-0.6.3-4.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-111177a5ac
ecdsautils-0.4.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b8691af27b
clamav-0.103.6-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e72698d659 chafa-1.8.0-4.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ec3ce5fb9a CImg-3.1.0-1.fc36
gmic-3.1.0-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3a794b591 et-6.2.1-2.fc36
The following Fedora 36 Critical Path updates have yet to be approved:
Age URL
20
https://bodhi.fedoraproject.org/updates/FEDORA-2022-42003bf3a9
libsolv-0.7.22-1.fc36
18
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e90643ce61
redhat-rpm-config-217-1.fc36
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2bd45a5cd8
swtpm-0.7.3-1.20220427gitf2268ee.fc36
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bb9ed3409a
switcheroo-control-2.5-1.fc36
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8c9270d57e
NetworkManager-1.37.92-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f9021f3a78
createrepo_c-0.20.0-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fe23fcfb82 gvfs-1.50.1-2.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7a5b733a7a mesa-22.0.3-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2a6ebe688a
thunderbird-91.9.0-1.fc36
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a4e4574562 hexedit-1.6-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6f98f3e6cc git-2.36.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9889ca1219
gnome-software-42.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-259602f1ca
evolution-3.44.1-1.fc36 evolution-data-server-3.44.1-1.fc36 evolution-ews-3.44.1-1.fc36
evolution-mapi-3.44.1-2.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-85c7210ebb
gnome-shell-42.1-1.fc36 gnome-shell-extensions-42.1-1.fc36 mutter-42.1-1.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-893b870b9b
ostree-2022.3-2.fc36
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-14e4bfaa27
libnl3-3.6.0-3.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6baf643f11 gjs-1.72.0-3.fc36
mozjs91-91.9.0-1.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c086fb92ed gdisk-1.0.9-2.fc36
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-13c2b1e6db
setup-2.13.10-1.fc36
The following builds have been pushed to Fedora 36 updates-testing
ImageMagick-6.9.12.48-2.fc36
annobin-10.69-2.fc36
annobin-10.70-1.fc36
calibre-5.42.0-1.fc36
cross-binutils-2.37-7.fc36
disciplining-minipod-3.0.8-1.fc36
edk2-20220221gitb24306f15daa-4.fc36
gcc-12.1.1-1.fc36
libarrow-8.0.0-1.fc36
libyang-2.0.194-1.fc36
nmap-7.92-2.fc36
oscillatord-3.0.8-1.fc36
perl-Config-Model-2.150-1.fc36
perl-TAP-Formatter-JUnit-0.14-1.fc36
petsc-3.16.4-3.fc36
php-doctrine-persistence2-2.5.3-1.fc36
printer-driver-brlaser-6-2.20220509git7716c7d.fc36
rsyslog-8.2204.0-1.fc36
rust-bitflags-1.3.2-3.fc36
rust-serde_json-1.0.81-1.fc36
Details about builds:
================================================================================
ImageMagick-6.9.12.48-2.fc36 (FEDORA-2022-13083eb9a9)
An X application for displaying and manipulating images
--------------------------------------------------------------------------------
Update Information:
- Update ImageMagick to 6.9.12.48 - add support libzstd - add supoort eln
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 8 2022 S��rgio Basto <sergio(a)serjux.com> - 1:6.9.12.48-2
- Support eln
- add support libzst
- should we enable hdri ?
* Sun May 8 2022 S��rgio Basto <sergio(a)serjux.com> - 1:6.9.12.48-1
- Update ImageMagick to 6.9.12.48
- Change the way of calculte VER and Patchlevel which will fix
the-new-hotness/release-monitoring.org's scratch build
--------------------------------------------------------------------------------
================================================================================
annobin-10.69-2.fc36 (FEDORA-2022-b2e2bcbdc6)
Annotate and examine compiled binary files
--------------------------------------------------------------------------------
Update Information:
GCC 12.1 release. Upstream bugs (
http://gcc.gnu.org/PRNNNNN) fixed: 65211,
70673, 78054, 82980, 86193, 89125, 90107, 93602, 97219, 99290, 100810, 100838,
101442, 101698, 102043, 102059, 102629, 102804, 102987, 102994, 103197, 103662,
103818, 103868, 103911, 103941, 104010, 104051, 104492, 104624, 104646, 104676,
104717, 104858, 104996, 105089, 105203, 105219, 105231, 105242, 105247, 105252,
105254, 105256, 105257, 105264, 105265, 105266, 105268, 105269, 105271, 105276,
105282, 105287, 105289, 105297, 105301, 105304, 105306, 105310, 105312, 105314,
105321, 105322, 105324, 105331, 105333, 105334, 105338, 105339, 105349, 105353,
105358, 105364, 105365, 105366, 105367, 105368, 105374, 105375, 105376, 105379,
105381, 105386, 105394, 105396, 105398, 105399, 105417, 105425, 105426, 105433,
105437, 105441, 105461, 105476, 105484, 105502 ---- Fixes another problem with
a false FAIL result from annocheck about -mbranch-protection for AArch64
binaries built with LTO enabled
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Jakub Jelinek <jakub(a)redhat.com> - 10.69-2
- NVR bump to allow rebuild for new GCC.
* Fri May 6 2022 Nick Clifton <nickc(a)redhat.com> - 10.69-1
- Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64
binaries if compiled using LTO. (#2082146)
* Tue May 3 2022 Nick Clifton <nickc(a)redhat.com> - 10.68-1
- Annocheck: Add more glibc exceptions + check PT_TLS segments. (#2081131)
--------------------------------------------------------------------------------
================================================================================
annobin-10.70-1.fc36 (FEDORA-2022-0eca5d3774)
Annotate and examine compiled binary files
--------------------------------------------------------------------------------
Update Information:
Add another exception (to annocheck) for glibc libraries
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Nick Clifton <nickc(a)redhat.com> - 10.70-1
- Annocheck: Add another special case for glibc rpms. (#2083070)
* Mon May 9 2022 Jakub Jelinek <jakub(a)redhat.com> - 10.69-2
- NVR bump to allow rebuild for new GCC.
* Fri May 6 2022 Nick Clifton <nickc(a)redhat.com> - 10.69-1
- Annocheck: Do not complain about unenabled -mbranch-protection option in AArch64
binaries if compiled using LTO. (#2082146)
* Tue May 3 2022 Nick Clifton <nickc(a)redhat.com> - 10.68-1
- Annocheck: Add more glibc exceptions + check PT_TLS segments. (#2081131)
--------------------------------------------------------------------------------
================================================================================
calibre-5.42.0-1.fc36 (FEDORA-2022-25d1358e32)
E-book converter and library manager
--------------------------------------------------------------------------------
Update Information:
Latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 5.42.0-1
- Version 5.42.0 (rhbz#2081446)
* Sun Apr 24 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 5.41.0-2
- Skip test that fails on 32 bit
* Sun Apr 24 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 5.41.0-1
- Version 5.41.0 (rhbz#2070931)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2081446 - calibre-5.42.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2081446
--------------------------------------------------------------------------------
================================================================================
cross-binutils-2.37-7.fc36 (FEDORA-2022-340dc7ed58)
A GNU collection of cross-compilation binary utilities
--------------------------------------------------------------------------------
Update Information:
Update to binutils-2.37-27.fc36
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 22 2022 Peter Robinson <pbrobinson(a)fedoraproject.org> - 2.37-7
- Sync with binutils-2.37-27.fc36
* Mon Feb 28 2022 Peter Robinson <pbrobinson(a)fedoraproject.org> - 2.37-6
- Rebase to binutils-2.37-26.fc36
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.37-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sun Dec 5 2021 Peter Robinson <pbrobinson(a)fedoraproject.org> - 2.37-4
- Sync to binutils-2.37-22
* Thu Oct 28 2021 Peter Jones <pjones(a)redhat.com> - 2.37-3
- Add support for pei-aarch64-little objects on aarch64
--------------------------------------------------------------------------------
================================================================================
disciplining-minipod-3.0.8-1.fc36 (FEDORA-2022-41fd17f63c)
Disciplining algorithm for Atomic Reference Time Card
--------------------------------------------------------------------------------
Update Information:
Updating oscillatord to 3.0.8
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 5 2022 Alexander Bulimov <abulimov(a)fedoraproject.org> 3.0.8-1
- Update to 3.0.8
--------------------------------------------------------------------------------
================================================================================
edk2-20220221gitb24306f15daa-4.fc36 (FEDORA-2022-46d6399ee0)
UEFI firmware for 64-bit virtual machines
--------------------------------------------------------------------------------
Update Information:
switch to virt-firmware for secure boot key enrollment
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 19 2022 Gerd Hoffmann <kraxel(a)redhat.com> - 20220221gitb24306f15daa-4
- switch to virt-firmware for secure boot key enrollment
- Stop builds on armv7 too (iasl missing).
--------------------------------------------------------------------------------
================================================================================
gcc-12.1.1-1.fc36 (FEDORA-2022-b2e2bcbdc6)
Various compilers (C, C++, Objective-C, ...)
--------------------------------------------------------------------------------
Update Information:
GCC 12.1 release. Upstream bugs (
http://gcc.gnu.org/PRNNNNN) fixed: 65211,
70673, 78054, 82980, 86193, 89125, 90107, 93602, 97219, 99290, 100810, 100838,
101442, 101698, 102043, 102059, 102629, 102804, 102987, 102994, 103197, 103662,
103818, 103868, 103911, 103941, 104010, 104051, 104492, 104624, 104646, 104676,
104717, 104858, 104996, 105089, 105203, 105219, 105231, 105242, 105247, 105252,
105254, 105256, 105257, 105264, 105265, 105266, 105268, 105269, 105271, 105276,
105282, 105287, 105289, 105297, 105301, 105304, 105306, 105310, 105312, 105314,
105321, 105322, 105324, 105331, 105333, 105334, 105338, 105339, 105349, 105353,
105358, 105364, 105365, 105366, 105367, 105368, 105374, 105375, 105376, 105379,
105381, 105386, 105394, 105396, 105398, 105399, 105417, 105425, 105426, 105433,
105437, 105441, 105461, 105476, 105484, 105502 ---- Fixes another problem with
a false FAIL result from annocheck about -mbranch-protection for AArch64
binaries built with LTO enabled
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 7 2022 Jakub Jelinek <jakub(a)redhat.com> 12.1.1-1
- update from releases/gcc-12 branch
- GCC 12.1 release
- PRs c++/105476, libstdc++/103911, libstdc++/105441, libstdc++/105502,
middle-end/105376, middle-end/105461, target/102059, testsuite/105433,
tree-optimization/105394, tree-optimization/105437,
tree-optimization/105484
* Thu May 5 2022 Stephen Gallagher <sgallagh(a)redhat.com> 12.0.1-0.18
- fix annobin plugin conditional to build for ELN
* Fri Apr 29 2022 Jakub Jelinek <jakub(a)redhat.com> 12.0.1-0.17
- update from trunk and releases/gcc-12 branch
- GCC 12.1-rc1
- PRs analyzer/105252, analyzer/105264, analyzer/105365, analyzer/105366,
c++/65211, c++/82980, c++/86193, c++/90107, c++/97219, c++/100838,
c++/101442, c++/101698, c++/102629, c++/102804, c++/102987,
c++/103868, c++/104051, c++/104624, c++/104646, c++/104996,
c++/105256, c++/105265, c++/105268, c++/105287, c++/105289,
c++/105297, c++/105301, c++/105304, c++/105321, c++/105322,
c++/105353, c++/105386, c++/105398, c++/105425, c++/105426,
debug/105089, debug/105203, fortran/70673, fortran/78054,
fortran/102043, fortran/103662, fortran/104717, fortran/105242,
fortran/105310, fortran/105379, fortran/105381, gcov-profile/105282,
ipa/103818, ipa/105306, libgomp/105358, libstdc++/93602,
libstdc++/99290, libstdc++/102994, libstdc++/104858,
libstdc++/105269, libstdc++/105324, libstdc++/105375,
libstdc++/105417, lto/105364, lto/105399, middle-end/104492,
rtl-optimization/105231, rtl-optimization/105314,
rtl-optimization/105333, sanitizer/105396, target/89125,
target/103197, target/104676, target/105247, target/105257,
target/105271, target/105331, target/105334, target/105338,
target/105339, target/105349, target/105367, testsuite/105266,
tree-optimization/100810, tree-optimization/103941,
tree-optimization/104010, tree-optimization/105219,
tree-optimization/105254, tree-optimization/105276,
tree-optimization/105312, tree-optimization/105368,
tree-optimization/105374
--------------------------------------------------------------------------------
================================================================================
libarrow-8.0.0-1.fc36 (FEDORA-2022-1c3202c0a2)
A toolbox for accelerated data interchange and in-memory processing
--------------------------------------------------------------------------------
Update Information:
Apache Arrow 8.0.0 GA
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 8 2022 Kaleb S. KEITHLEY <kkeithle [at] redhat.com> - 8.0.0-1
- Arrow 8.0.0 GA
--------------------------------------------------------------------------------
================================================================================
libyang-2.0.194-1.fc36 (FEDORA-2022-709bc73f05)
YANG data modeling language library
--------------------------------------------------------------------------------
Update Information:
Rebase to version 2.0.194
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Tomas Korbar <tkorbar(a)redhat.com> - 2.0.194-1
- Rebase to version 2.0.194
- Resolves: rhbz#2082735
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2082735 - libyang-2.0.194 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2082735
--------------------------------------------------------------------------------
================================================================================
nmap-7.92-2.fc36 (FEDORA-2022-de7fea2a3f)
Network exploration tool and security scanner
--------------------------------------------------------------------------------
Update Information:
ncat: close on EOF by default new --no-terminate option for backward
compatibility (#2082270)
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 5 2022 Martin Osvald <mosvald(a)redhat.com> - 3:7.92-2
- ncat: close on EOF by default, new --no-terminate option
for backward compatibility (#2082270)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2082270 - [RFE] ncat: change default behavior and close immediately when the
server is done sending
https://bugzilla.redhat.com/show_bug.cgi?id=2082270
--------------------------------------------------------------------------------
================================================================================
oscillatord-3.0.8-1.fc36 (FEDORA-2022-41fd17f63c)
Daemon for disciplining an oscillator
--------------------------------------------------------------------------------
Update Information:
Updating oscillatord to 3.0.8
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 5 2022 Alexander Bulimov <abulimov(a)fedoraproject.org> 3.0.8-1
- Update to 3.0.8
--------------------------------------------------------------------------------
================================================================================
perl-Config-Model-2.150-1.fc36 (FEDORA-2022-4bc60c2591)
Framework to create configuration validation tools and editors
--------------------------------------------------------------------------------
Update Information:
2.150 2022-05-08 New features: Loader: add list:.ensure(value) function Bug
fixes: Loader: fix reading JSON file with utf8 characters
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 2.150-1
- 2.150 bump
--------------------------------------------------------------------------------
================================================================================
perl-TAP-Formatter-JUnit-0.14-1.fc36 (FEDORA-2022-8992bd16a1)
Harness output delegate for JUnit output
--------------------------------------------------------------------------------
Update Information:
Update "t/formatter.t" to accommodate fixes made in Test::Harness v3.44
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 5 2022 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.14-1
- 0.14 bump
--------------------------------------------------------------------------------
================================================================================
petsc-3.16.4-3.fc36 (FEDORA-2022-c973884025)
Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:
Just a rebuild against the latest mpich.
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 8 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 3.16.4-3
- Rebuild for mpich-3.4.3, 2nd attempt
--------------------------------------------------------------------------------
================================================================================
php-doctrine-persistence2-2.5.3-1.fc36 (FEDORA-2022-777c085540)
Doctrine Persistence abstractions, version 2
--------------------------------------------------------------------------------
Update Information:
**Version 2.5.3** Bug * 292: Declare ObjectRepository's template as
covariant thanks to @derrabus ---- **Version 2.5.2** Improvement * 289:
Allow doctrine/deprecations 1.0 thanks to @derrabus Bug * 286: Handle
anonymous classes more gracefully thanks to @greg0ire
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Remi Collet <remi(a)remirepo.net> - 2.5.3-1
- update to 2.5.3
* Tue May 3 2022 Remi Collet <remi(a)remirepo.net> - 2.5.2-1
- update to 2.5.2
- allow doctrine/deprecations 1
--------------------------------------------------------------------------------
================================================================================
printer-driver-brlaser-6-2.20220509git7716c7d.fc36 (FEDORA-2022-92a8b6c8f7)
Brother laser printer driver
--------------------------------------------------------------------------------
Update Information:
A free driver for many Brother laser printers.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Ondrej Budai <ondrej(a)budai.cz> - 6-2
- Add support for many devices by pulling merging unmerged upstream PRs
* Sun Mar 27 2022 Ondrej Budai <ondrej(a)budai.cz> - 6-1
- Initial package version
--------------------------------------------------------------------------------
================================================================================
rsyslog-8.2204.0-1.fc36 (FEDORA-2022-7988dad217)
Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
Update Information:
Rebase to 8.2204.0 Add patch to resolve potential heap buffer overflow, details:
https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Attila Lakatos <alakatos(a)redhat.com> - 8.2204.0-1
- rebase to 8.2204.0
resolves: rhbz#1951970
- CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server
resolves: rhbz#2082302
--------------------------------------------------------------------------------
================================================================================
rust-bitflags-1.3.2-3.fc36 (FEDORA-2022-82d3437808)
Macro to generate structures which behave like bitflags
--------------------------------------------------------------------------------
Update Information:
Backport upstream fix to resolve problems with compiling the test suite (by no
longer relying on undocumented behaviour). Fixes FTBFS issues on Fedora 34+ /
with versions 1.0.57+ of the trybuild crate.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Fabio Valentini <decathorpe(a)gmail.com> 1.3.2-3
- Fix compilation of test suite with trybuild >= 1.0.57
--------------------------------------------------------------------------------
================================================================================
rust-serde_json-1.0.81-1.fc36 (FEDORA-2022-ddc6ef3cc3)
JSON serialization file format
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.81. Fixes FTBFS issues on Fedora 34+ / with versions
1.0.57+ of the trybuild crate (by no longer relying on undocumented behaviour in
test suite code).
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 9 2022 Fabio Valentini <decathorpe(a)gmail.com> 1.0.81-1
- Update to version 1.0.81; Fixes RHBZ#2080665
--------------------------------------------------------------------------------