The following Fedora 35 Security updates need testing:
Age URL
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a403286212
libtiff-4.3.0-3.fc35
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-421e65c5d4 usbview-3.0-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-914fa8641a
phpMyAdmin-5.1.2-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b670788a8d
strongswan-5.9.5-2.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a1bc7decc9
mingw-python-pillow-8.3.2-2.fc35 python-pillow-8.3.2-2.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-420bf9fc1e xen-4.15.1-5.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c0c11c4776
perl-Image-ExifTool-12.38-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ecdf338eb1
qt5-qtwebengine-5.15.8-2.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7d8b535724
java-latest-openjdk-17.0.2.0.8-2.rolling.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-68d155ca82
rust-ammonia-3.1.3-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7f67e9e695
trojita-0.7.0.1-0.13.20220117git266c757.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb16f07001
rust-cargo-insta-1.11.0-1.fc35 rust-insta-1.11.0-1.fc35 rust-ron-0.7.0-1.fc35
rust-ron0.6-0.6.6-1.fc35 rust-similar-2.1.0-1.fc35 rust-similar-asserts-1.2.0-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5770dad5f8
keylime-6.3.0-2.fc35
The following Fedora 35 Critical Path updates have yet to be approved:
Age URL
62
https://bodhi.fedoraproject.org/updates/FEDORA-2021-12f6c46ad8 qemu-6.1.0-13.fc35
21
https://bodhi.fedoraproject.org/updates/FEDORA-2022-39ffce84e3 gdb-11.1-6.fc35
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a581f05398
bluedevil-5.23.5-1.fc35 breeze-gtk-5.23.5-1.fc35 breeze-icon-theme-5.90.0-1.fc35
extra-cmake-modules-5.90.0-1.fc35 grub2-breeze-theme-5.23.5-1.fc35
kactivitymanagerd-5.23.5-1.fc35 kde-cli-tools-5.23.5-1.fc35 kde-gtk-config-5.23.5-1.fc35
kdecoration-5.23.5-1.fc35 kdeplasma-addons-5.23.5-1.fc35 kf5-5.90.0-1.fc35
kf5-attica-5.90.0-1.fc35 kf5-baloo-5.90.0-1.fc35 kf5-bluez-qt-5.90.0-1.fc35
kf5-frameworkintegration-5.90.0-1.fc35 kf5-kactivities-5.90.0-1.fc35
kf5-kactivities-stats-5.90.0-1.fc35 kf5-kapidox-5.90.0-1.fc35 kf5-karchive-5.90.0-1.fc35
kf5-kauth-5.90.0-1.fc35 kf5-kbookmarks-5.90.0-1.fc35 kf5-kcalendarcore-5.90.0-1.fc35
kf5-kcmutils-5.90.0-1.fc35 kf5-kcodecs-5.90.0-1.fc35 kf5-kcompletion-5.90.0-1.fc35
kf5-kconfig-5.90.0-1.fc35 kf5-kconfigwidgets-5.90.0-1.fc35 kf5-kcontacts-5.90.0-1.fc35
kf5-kcoreaddons-5.90.0-1.fc35 kf5-kcrash-5.90.0-1.fc35 kf5-kdav-5.90.0-1.fc35
kf5-kdbusaddons-5.90.0-1.fc35 kf5-kdeclarative-5
.90.0-1.fc35 kf5-kded-5.90.0-1.fc35 kf5-kdelibs4support-5.90.0-1.fc35
kf5-kdesignerplugin-5.90.0-1.fc35 kf5-kdesu-5.90.0-1.fc35 kf5-kdewebkit-5.90.0-1.fc35
kf5-kdnssd-5.90.0-1.fc35 kf5-kdoctools-5.90.0-1.fc35 kf5-kemoticons-5.90.0-1.fc35
kf5-kfilemetadata-5.90.0-1.fc35 kf5-kglobalaccel-5.90.0-1.fc35
kf5-kguiaddons-5.90.0-1.fc35 kf5-kholidays-5.90.0-1.fc35 kf5-khtml-5.90.0-1.fc35
kf5-ki18n-5.90.0-1.fc35 kf5-kiconthemes-5.90.0-1.fc35 kf5-kidletime-5.90.0-1.fc35
kf5-kimageformats-5.90.0-1.fc35 kf5-kinit-5.90.0-1.fc35 kf5-kio-5.90.0-1.fc35
kf5-kirigami2-5.90.0-1.fc35 kf5-kitemmodels-5.90.0-1.fc35 kf5-kitemviews-5.90.0-1.fc35
kf5-kjobwidgets-5.90.0-1.fc35 kf5-kjs-5.90.0-1.fc35 kf5-kjsembed-5.90.0-1.fc35
kf5-kmediaplayer-5.90.0-1.fc35 kf5-knewstuff-5.90.0-1.fc35
kf5-knotifications-5.90.0-1.fc35 kf5-knotifyconfig-5.90.0-1.fc35
kf5-kpackage-5.90.0-1.fc35 kf5-kparts-5.90.0-1.fc35 kf5-kpeople-5.90.0-1.fc35
kf5-kplotting-5.90.0-1.fc35 kf5-kpty-5.90.0-1.fc35 kf5-kquickcharts-5.90.0-1.fc35 kf5-k
ross-5.90.0-1.fc35 kf5-krunner-5.90.0-1.fc35 kf5-kservice-5.90.0-1.fc35
kf5-ktexteditor-5.90.0-1.fc35 kf5-ktextwidgets-5.90.0-1.fc35
kf5-kunitconversion-5.90.0-1.fc35 kf5-kwallet-5.90.0-1.fc35 kf5-kwayland-5.90.0-1.fc35
kf5-kwidgetsaddons-5.90.0-1.fc35 kf5-kwindowsystem-5.90.0-1.fc35 kf5-kxmlgui-5.90.0-1.fc35
kf5-kxmlrpcclient-5.90.0-1.fc35 kf5-modemmanager-qt-5.90.0-1.fc35
kf5-networkmanager-qt-5.90.0-1.fc35 kf5-plasma-5.90.0-1.fc35 kf5-prison-5.90.0-1.fc35
kf5-purpose-5.90.0-1.fc35 kf5-solid-5.90.0-1.fc35 kf5-sonnet-5.90.0-1.fc35
kf5-syndication-5.90.0-1.fc35 kf5-syntax-highlighting-5.90.0-1.fc35
kf5-threadweaver-5.90.0-1.fc35 kgamma-5.23.5-1.fc35 khotkeys-5.23.5-1.fc35
kinfocenter-5.23.5-1.fc35 kmenuedit-5.23.5-1.fc35 kscreen-5.23.5-1.fc35
kscreenlocker-5.23.5-1.fc35 ksshaskpass-5.23.5-1.fc35 ksystemstats-5.23.5-1.fc35
kwayland-integration-5.23.5-1.fc35 kwayland-server-5.23.5-1.fc35 kwin-5.23.5-1.fc35
kwrited-5.23.5-1.fc35 layer-shell-qt-5.23.5-1.fc35 libkscreen-qt5-5.23.5-1.fc35
libksysguard-5.23.5-1.fc35 oxygen-icon-theme-5.90.0-1.fc35 pam-kwallet-5.23.5-1.fc35
plasma-breeze-5.23.5-1.fc35 plasma-browser-integration-5.23.5-1.fc35
plasma-desktop-5.23.5-1.fc35 plasma-discover-5.23.5-1.fc35 plasma-disks-5.23.5-1.fc35
plasma-drkonqi-5.23.5-1.fc35 plasma-firewall-5.23.5-1.fc35
plasma-integration-5.23.5-1.fc35 plasma-milou-5.23.5-1.fc35 plasma-nm-5.23.5-1.fc35
plasma-oxygen-5.23.5-1.fc35 plasma-pa-5.23.5-1.fc35 plasma-sdk-5.23.5-1.fc35
plasma-systemmonitor-5.23.5-1.fc35 plasma-systemsettings-5.23.5-1.fc35
plasma-thunderbolt-5.23.5-1.fc35 plasma-vault-5.23.5-1.fc35 plasma-workspace-5.23.5-1.fc35
plasma-workspace-wallpapers-5.23.5-1.fc35 plymouth-kcm-5.23.5-1.fc35
plymouth-theme-breeze-5.23.5-1.fc35 polkit-kde-5.23.5-1.fc35 powerdevil-5.23.5-1.fc35
qqc2-breeze-style-5.23.5-1.fc35 qqc2-desktop-style-5.90.0-1.fc35 sddm-kcm-5.23.5-1.fc35
xdg-desktop-portal-kde-5.23.5-1.fc35
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a403286212
libtiff-4.3.0-3.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-001c2215a6 bolt-0.9.2-1.fc35
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-420bf9fc1e xen-4.15.1-5.fc35
The following builds have been pushed to Fedora 35 updates-testing
memkind-1.13.0-1.fc35
scap-security-guide-0.1.60-1.fc35
uglify-js-3.15.0-1.fc35
vim-8.2.4232-1.fc35
Details about builds:
================================================================================
memkind-1.13.0-1.fc35 (FEDORA-2022-27ff6f046c)
User Extensible Heap Manager
--------------------------------------------------------------------------------
Update Information:
Update memkind source file to 1.13.0 upstream
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 28 2022 Rafael Aquini <aquini(a)linux.com> - 1.13.0-1
- Update memkind source file to 1.13.0 upstream
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2035221 - Update memkind package to the latest release (1.13.0)
https://bugzilla.redhat.com/show_bug.cgi?id=2035221
--------------------------------------------------------------------------------
================================================================================
scap-security-guide-0.1.60-1.fc35 (FEDORA-2022-8936f7d630)
Security guidance and baselines in SCAP formats
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.1.60
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 28 2022 Watson Sato <wsato(a)redhat.com> - 0.1.60-1
- Update to latest upstream SCAP-Security-Guide-0.1.60 release:
https://github.com/ComplianceAsCode/content/releases/tag/v0.1.60
* Wed Dec 1 2021 Watson Sato <wsato(a)redhat.com> - 0.1.59-1
- Update to latest upstream SCAP-Security-Guide-0.1.59 release:
https://github.com/ComplianceAsCode/content/releases/tag/v0.1.59
- Fix loading of jinja files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1467034 - scap-security-guide-0.1.59 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1467034
--------------------------------------------------------------------------------
================================================================================
uglify-js-3.15.0-1.fc35 (FEDORA-2022-14d6c3b92c)
JavaScript parser, mangler/compressor and beautifier toolkit
--------------------------------------------------------------------------------
Update Information:
Uglify-JS 3.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 26 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.15.0-1
- Update to 3.15.0
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.14.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jan 19 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.14.5-2
- Update uglify-js for EPEL 7 to version 3
- Provide/Obsolete uglify-js3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2045909 - uglify-js-3.15.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2045909
--------------------------------------------------------------------------------
================================================================================
vim-8.2.4232-1.fc35 (FEDORA-2022-f05f9c155b)
The VIM editor
--------------------------------------------------------------------------------
Update Information:
Security fixes for CVE-2022-0351, CVE-2022-0359 ---- Security fixes for
CVE-2022-0213, CVE-2022-0261
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 27 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.4232-1
- patchlevel 4232
* Mon Jan 24 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.4198-1
- patchlevel 4198
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:8.2.4068-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2043779 - CVE-2022-0213 vim: vim is vulnerable to out of bounds read
https://bugzilla.redhat.com/show_bug.cgi?id=2043779
[ 2 ] Bug #2044607 - CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in
src/ops.c
https://bugzilla.redhat.com/show_bug.cgi?id=2044607
[ 3 ] Bug #2046436 - CVE-2022-0351 vim: access of memory location before start of
buffer
https://bugzilla.redhat.com/show_bug.cgi?id=2046436
[ 4 ] Bug #2046479 - CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in
ex_getln.c
https://bugzilla.redhat.com/show_bug.cgi?id=2046479
--------------------------------------------------------------------------------