The following Fedora 32 Security updates need testing:
 Age  URL
  30  https://bodhi.fedoraproject.org/updates/FEDORA-2020-4578c4a082   java-11-openjdk-11.0.7.10-0.fc32
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f5588cf97   wireshark-3.2.4-1.fc32
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2020-11be4b36d4   drupal7-7.70-1.fc32
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2020-d714c08261   marked-1.1.0-3.fc32
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2020-062e2c016b   qutebrowser-1.11.1-1.fc32
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f07da3fef   ant-1.10.8-1.fc32
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2020-d767d9077b   sympa-6.2.56-1.fc32
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2020-22764f623f   perl-Email-MIME-1.949-1.fc32 perl-Email-MIME-ContentType-1.024-1.fc32
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2020-e95ef17134   slurm-19.05.7-1.fc32
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2020-2d89cbcfd9   bind-9.11.19-1.fc32
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2020-fe80f1f388   prboom-plus-2.5.1.4-18.fc32

The following Fedora 32 Critical Path updates have yet to be approved:
 Age  URL
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2020-1738d289df   uboot-tools-2020.04-4.fc32
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2020-5b9a39faa9   pungi-4.2.2-2.fc32
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2020-d675084fa1   libgexiv2-0.12.1-1.fc32
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2020-fc2dfc7ac1   xorg-x11-drv-ati-19.1.0-1.fc32
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2020-9239def19e   binutils-2.34-3.fc32
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2020-d85321dad7
      breeze-icon-theme-5.70.0-1.fc32 extra-cmake-modules-5.70.0-1.fc32 kf5-5.70.0-1.fc32
      kf5-attica-5.70.0-1.fc32 kf5-baloo-5.70.0-1.fc32 kf5-bluez-qt-5.70.0-1.fc32
      kf5-frameworkintegration-5.70.0-1.fc32 kf5-kactivities-5.70.0-1.fc32
      kf5-kactivities-stats-5.70.0-1.fc32 kf5-kapidox-5.70.0-1.fc32 kf5-karchive-5.70.0-1.fc32
      kf5-kauth-5.70.0-1.fc32 kf5-kbookmarks-5.70.0-1.fc32 kf5-kcalendarcore-5.70.0-1.fc32
      kf5-kcmutils-5.70.0-1.fc32 kf5-kcodecs-5.70.0-1.fc32 kf5-kcompletion-5.70.0-1.fc32
      kf5-kconfig-5.70.0-1.fc32 kf5-kconfigwidgets-5.70.0-1.fc32 kf5-kcontacts-5.70.0-1.fc32
      kf5-kcoreaddons-5.70.0-1.fc32 kf5-kcrash-5.70.0-1.fc32 kf5-kdbusaddons-5.70.0-1.fc32
      kf5-kdeclarative-5.70.0-1.fc32 kf5-kded-5.70.0-1.fc32 kf5-kdelibs4support-5.70.0-1.fc32
      kf5-kdesignerplugin-5.70.0-1.fc32 kf5-kdesu-5.70.0-1.fc32 kf5-kdewebkit-5.70.0-1.fc32
      kf5-kdnssd-5.70.0-1.fc32 kf5-kdoctools-5.70.0-1.fc32 kf5-kemoticons-5.70.0-1.fc32
      kf5-kfilemetadata-5.70.0-1.fc32 kf5-kglobalaccel-5.70.0-1.fc32 kf5-kguiaddons-5.70.0-1.fc32
      kf5-kholidays-5.70.0-1.fc32 kf5-khtml-5.70.0-1.fc32 kf5-ki18n-5.70.0-1.fc32
      kf5-kiconthemes-5.70.0-1.fc32 kf5-kidletime-5.70.0-1.fc32 kf5-kimageformats-5.70.0-1.fc32
      kf5-kinit-5.70.0-1.fc32 kf5-kio-5.70.1-1.fc32 kf5-kirigami2-5.70.0-1.fc32
      kf5-kitemmodels-5.70.0-1.fc32 kf5-kitemviews-5.70.0-1.fc32 kf5-kjobwidgets-5.70.0-1.fc32
      kf5-kjs-5.70.0-1.fc32 kf5-kjsembed-5.70.0-1.fc32 kf5-kmediaplayer-5.70.0-1.fc32
      kf5-knewstuff-5.70.0-1.fc32 kf5-knotifications-5.70.0-1.fc32
      kf5-knotifyconfig-5.70.0-1.fc32 kf5-kpackage-5.70.0-1.fc32 kf5-kparts-5.70.0-1.fc32
      kf5-kpeople-5.70.0-1.fc32 kf5-kplotting-5.70.0-1.fc32 kf5-kpty-5.70.0-1.fc32
      kf5-kquickcharts-5.70.0-1.fc32 kf5-kross-5.70.0-1.fc32 kf5-krunner-5.70.0-1.fc32
      kf5-kservice-5.70.0-1.fc32 kf5-ktexteditor-5.70.1-1.fc32 kf5-ktextwidgets-5.70.0-1.fc32
      kf5-kunitconversion-5.70.0-1.fc32 kf5-kwallet-5.70.0-1.fc32 kf5-kwayland-5.70.0-1.fc32
      kf5-kwidgetsaddons-5.70.0-1.fc32 kf5-kwindowsystem-5.70.0-1.fc32 kf5-kxmlgui-5.70.0-1.fc32
      kf5-kxmlrpcclient-5.70.0-1.fc32 kf5-modemmanager-qt-5.70.0-1.fc32
      kf5-networkmanager-qt-5.70.0-1.fc32 kf5-plasma-5.70.1-1.fc32 kf5-prison-5.70.0-1.fc32
      kf5-purpose-5.70.0-1.fc32 kf5-solid-5.70.0-1.fc32 kf5-sonnet-5.70.0-1.fc32
      kf5-syndication-5.70.0-1.fc32 kf5-syntax-highlighting-5.70.0-1.fc32
      kf5-threadweaver-5.70.0-1.fc32 oxygen-icon-theme-5.70.0-1.fc32
      qqc2-desktop-style-5.70.0-1.fc32

The following builds have been pushed to Fedora 32 updates-testing
cacti-1.2.12-1.fc32
cacti-spine-1.2.12-1.fc32
ceph-14.2.9-2.fc32
crypto-policies-20200527-1.gitb234a47.fc32
gfal2-2.17.3-1.fc32
glances-3.1.4.1-5.fc32
kio-fuse-4.95.0-1.fc32
kwave-20.04.1-1.fc32
libreoffice-6.4.4.2-1.fc32
libtpms-0.7.2-0.20200527git7325acb477.fc32
lollypop-1.3.0-1.fc32
massdns-0.3-1.fc32
mbedtls-2.16.6-1.fc32
openssh-8.3p1-1.fc32
perl-Compress-Bzip2-2.27-2.fc32
php-doctrine-orm-2.7.3-1.fc32
php-swaggest-json-diff-3.7.5-1.fc32
rubygem-jekyll-4.1.0-1.fc32
Details about builds:
================================================================================
cacti-1.2.12-1.fc32 (FEDORA-2020-8560db8779)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.2.12 Release notes:
https://www.cacti.net/release_notes.php?version=1.2.12
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 1.2.12-1
- Update to 1.2.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830785 - cacti-1.2.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1830785
[ 2 ] Bug #1840312 - CVE-2020-13231 cacti: CSRF at admin email [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1840312
[ 3 ] Bug #1840317 - CVE-2020-13230 cacti: improper access control on disabling a user [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1840317
--------------------------------------------------------------------------------
================================================================================
cacti-spine-1.2.12-1.fc32 (FEDORA-2020-8560db8779)
Threaded poller for Cacti written in C
--------------------------------------------------------------------------------
Update Information:
- Update to 1.2.12 Release notes:
https://www.cacti.net/release_notes.php?version=1.2.12
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 1.2.12-1
- Update to 1.2.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830785 - cacti-1.2.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1830785
[ 2 ] Bug #1840312 - CVE-2020-13231 cacti: CSRF at admin email [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1840312
[ 3 ] Bug #1840317 - CVE-2020-13230 cacti: improper access control on disabling a user [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1840317
--------------------------------------------------------------------------------
================================================================================
ceph-14.2.9-2.fc32 (FEDORA-2020-9d683bce64)
User space components of the Ceph file system
--------------------------------------------------------------------------------
Update Information:
fix fail to install ceph-test
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 26 2020 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 2:14.2.9-2
- ceph 14.2.9, /w system gtest, gmock, or would be if it was new enough
thus disabling as the bundled gtest, etc. result in a build that doesn't
install.
--------------------------------------------------------------------------------
================================================================================
crypto-policies-20200527-1.gitb234a47.fc32 (FEDORA-2020-feb2e50aa4)
System-wide crypto policies
--------------------------------------------------------------------------------
Update Information:
Refresh from upstream repository with many bug fixes, clean-ups and
enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Tomáš Mráz <tmraz(a)redhat.com> - 20200527-1.gitb234a47
- explicitly enable DHE-DSS in gnutls config if enabled in policy
- use grubby with --update-kernel=ALL to avoid breaking kernelopts
- OSPP subpolicy: Allow GCM for SSH protocol
- openssh: Support newly standardized ECDHE-GSS and DHE-GSS key exchanges
- if the policy in FIPS mode is not a FIPS policy print a message
- openssl: Add SignatureAlgorithms support
* Thu Mar 12 2020 Tomáš Mráz <tmraz(a)redhat.com> - 20200312-1.git3ae59d2
- custom crypto policies: enable completely overriding contents of the list value
- added ECDHE-ONLY.pmod policy module example
- openssh: make LEGACY policy to prefer strong public key algorithms
- openssh: support FIDO/U2F (with the exception of FIPS policy)
- gnutls: add support for GOST ciphers
- various python code cleanups
- update-crypto-policies: dump the current policy to /etc/crypto-policies/state/CURRENT.pol
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1830285 - openssh-8.2 missing PubKeyAcceptedTypes for u2f in crypto-policies
https://bugzilla.redhat.com/show_bug.cgi?id=1830285
--------------------------------------------------------------------------------
================================================================================
gfal2-2.17.3-1.fc32 (FEDORA-2020-29aa3cef65)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Upgrade to upstream release 2.17.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 15 2020 Michal Simon <michal.simon(a)cern.ch> - 2.17.3-1
- Upgrade to upstream release 2.17.3
* Tue Apr 21 2020 Björn Esser <besser82(a)fedoraproject.org> - 2.17.2-2
- Rebuild (json-c)
--------------------------------------------------------------------------------
================================================================================
glances-3.1.4.1-5.fc32 (FEDORA-2020-c6c3e20b02)
CLI curses based monitoring tool
--------------------------------------------------------------------------------
Update Information:
minor update, should be ok. Provides a /etc/glances/glances.conf to prevent
glances checking for updated versions from pypi and not RPMs ---- Update to
3.1.4.1.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Edouard Bourguignon <madko(a)linuxed.net> - 3.1.4.1-5
- /etc/glances/glances.conf is config(noreplace)
* Wed May 27 2020 Edouard Bourguignon <madko(a)linuxed.net> - 3.1.4.1-4
- Upgrade to 3.1.4.1
- Adding glances.conf to prevent update checks rhbz#1773662
* Wed May 27 2020 Carl George <carl(a)george.computer> - 3.1.4.1-3
- Add patch0 to disable outdated warning rhbz#1773662
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1763319 - build of glances for EPEL 8
https://bugzilla.redhat.com/show_bug.cgi?id=1763319
[ 2 ] Bug #1773662 - Package from distro should not suggest update method outside of distro way
https://bugzilla.redhat.com/show_bug.cgi?id=1773662
[ 3 ] Bug #1817300 - glances-3.1.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1817300
--------------------------------------------------------------------------------
================================================================================
kio-fuse-4.95.0-1.fc32 (FEDORA-2020-669fa1a4ae)
KIO FUSE
--------------------------------------------------------------------------------
Update Information:
first spec for version 4.95.0
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
kwave-20.04.1-1.fc32 (FEDORA-2020-d216ef9f8a)
Sound Editor for KDE
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 26 2020 Sérgio Basto <sergio(a)serjux.com> - 20.04.1-1
- Update kwave to 20.04.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1839953 - kwave-20.04.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1839953
--------------------------------------------------------------------------------
================================================================================
libreoffice-6.4.4.2-1.fc32 (FEDORA-2020-121ecd9526)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
latest stable release
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 21 2020 Caolán McNamara <caolanm(a)redhat.com> - 1:6.4.4.2-1
- latest stable
--------------------------------------------------------------------------------
================================================================================
libtpms-0.7.2-0.20200527git7325acb477.fc32 (FEDORA-2020-902dbd2c7c)
Library providing Trusted Platform Module (TPM) functionality
--------------------------------------------------------------------------------
Update Information:
Following stable-0.7.0 branch for TPM 2 related fixes: RSA decryption, ----
Following stable-0.7.0 branch for TPM 2 related fixes; v0.7.1 + gcc related
patch
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Stefan Berger <stefanb(a)linux.ibm.com> - 0.7.2-0.20200527git7325acb477
- Following stable-0.7.0 branch for TPM 2 related fixes: RSA decryption,
  PSS salt length, symmetric decryption (padding)
- Under certain circumstances an RSA decryption could cause a buffer overflow causing
  termination of the program (swtpm)
* Wed May 20 2020 Stefan Berger <stefanb(a)linux.ibm.com> - 0.7.1-0.20200520git8fe99d1fd0
- Following stable-0.7.0 branch for TPM 2 related fixes; v0.7.1 + gcc related patch
- elliptic curve fixes
- MANUFACTURER changed from "IBM " to "IBM"
- gcc 10 related fix
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-0.20191018gitdc116933b7.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lollypop-1.3.0-1.fc32 (FEDORA-2020-2a3f700c2b)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
- Update to 1.3.0 - Remove RR python3-pylast
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Martin Gansser <martinkg(a)fedoraproject.org> - 1.3.0-1
- Update to 1.3.0
- Remove RR python3-pylast
* Tue May 26 2020 Miro Hrončok <mhroncok(a)redhat.com> - 1.2.35-2
- Rebuilt for Python 3.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1840593 - lollypop-1.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840593
--------------------------------------------------------------------------------
================================================================================
massdns-0.3-1.fc32 (FEDORA-2020-767638bae4)
High-performance DNS stub resolver for bulk lookups and reconnaissance
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release 0.3
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1840604 - massdns-0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840604
--------------------------------------------------------------------------------
================================================================================
mbedtls-2.16.6-1.fc32 (FEDORA-2020-9a6e8e63e9)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 2.16.6
Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released
Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Morten Stevens <mstevens(a)fedoraproject.org> - 2.16.6-1
- Update to 2.16.6
- Security Advisory 2020-04 (CVE-2020-10932)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1838551 - CVE-2020-10932 mbedtls: side channel attack possibly leading to information disclosure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1838551
--------------------------------------------------------------------------------
================================================================================
openssh-8.3p1-1.fc32 (FEDORA-2020-794e81c4cc)
An open source implementation of SSH protocol version 2
--------------------------------------------------------------------------------
Update Information:
New upstream release (#1840503) and fix for sshd_config include corner cases.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Jakub Jelen <jjelen(a)redhat.com> - 8.3p1-1 + 0.10.3-10
- New upstream release (#1840503)
- Unbreak corner cases of sshd_config include
- Fix order of gssapi key exchange algorithms
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1840503 - openssh-8.3p1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840503
--------------------------------------------------------------------------------
================================================================================
perl-Compress-Bzip2-2.27-2.fc32 (FEDORA-2020-5c3d40ee89)
Interface to Bzip2 compression library
--------------------------------------------------------------------------------
Update Information:
This release fixes a few possible NULL pointer dereferences.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Petr Pisar <ppisar(a)redhat.com> - 2.27-2
- A dummy release to overcome a Koji failure
* Wed May 27 2020 Petr Pisar <ppisar(a)redhat.com> - 2.27-1
- 2.27 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1840363 - perl-Compress-Bzip2-2.27 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840363
--------------------------------------------------------------------------------
================================================================================
php-doctrine-orm-2.7.3-1.fc32 (FEDORA-2020-85ee14cdb3)
Doctrine Object-Relational-Mapper (ORM)
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.3**
* 8158: Allow doctrine/common 3 and doctrine/persistence 2 thanks to @greg0ire
* 8062: Convert PHP to SQL for new object expression thanks to @jeroenvdheuvel
* 7989: Fix issues detected by psalm on 2.7 thanks to @orklah
**BC Break, Bug**
* 8138: Revert changes to embeddable mapping in 2.7 thanks to @beberlei
**Deprecation, Improvement**
* 7953: Address deprecations from persistence thanks to @greg0ire
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Remi Collet <remi(a)remirepo.net> - 2.7.3-1
- update to 2.7.3
- allow doctrine/common v3
- allow doctrine/persistence v2
- add dependency on doctrine/inflector
- add dependency on doctrine/lexer
--------------------------------------------------------------------------------
================================================================================
php-swaggest-json-diff-3.7.5-1.fc32 (FEDORA-2020-87b85a4452)
JSON diff/rearrange/patch/pointer library for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 3.7.5** - 2020-05-26
**Fixed**
- Accidental array to associative array conversion ([#31](https://github.com/swaggest/json-diff/issues/31)).
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Remi Collet <remi(a)remirepo.net> - 3.7.5-1
- update to 3.7.5
--------------------------------------------------------------------------------
================================================================================
rubygem-jekyll-4.1.0-1.fc32 (FEDORA-2020-e222373bb7)
Simple, blog aware, static site generator
--------------------------------------------------------------------------------
Update Information:
Update to version 4.1.0. Release notes:
https://github.com/jekyll/jekyll/releases/tag/v4.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 27 2020 Fabio Valentini <decathorpe(a)gmail.com> - 4.1.0-1
- Update to version 4.1.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1840623 - rubygem-jekyll-4.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840623
--------------------------------------------------------------------------------