The following Fedora 32 Security updates need testing:
Age URL
56
https://bodhi.fedoraproject.org/updates/FEDORA-2020-1f643c272c libntlm-1.6-1.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d32853a28d
mingw-openjpeg2-2.3.1-11.fc32 openjpeg2-2.3.1-10.fc32
8
https://bodhi.fedoraproject.org/updates/FEDORA-2020-307946cfb6
python-lxml-4.4.1-5.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-66e6e8d027
golang-gopkg-macaron-1-1.4.0-1.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-968067abfa
grafana-7.3.6-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
176
https://bodhi.fedoraproject.org/updates/FEDORA-2020-ebbe0f7b25 cpio-2.13-6.fc32
28
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e49210967b dnf-4.4.2-1.fc32
libdnf-0.55.0-3.fc32 microdnf-3.5.1-1.fc32
24
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e3cff2530e koji-1.23.0-2.fc32
21
https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f53b68751 dnf-4.5.2-1.fc32
dnf-plugins-extras-4.0.13-1.fc32 libdnf-0.55.2-1.fc32
16
https://bodhi.fedoraproject.org/updates/FEDORA-2020-345d2fd2aa
iproute-5.9.0-1.fc32
11
https://bodhi.fedoraproject.org/updates/FEDORA-2020-8c96ea7de3
enchant2-2.2.14-1.fc32 mingw-enchant2-2.2.14-1.fc32
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-4ccd211011 fwupd-1.5.4-1.fc32
10
https://bodhi.fedoraproject.org/updates/FEDORA-2020-da9438a4ae
webkit2gtk3-2.30.4-1.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-f6910afeec
libmodulemd-2.11.1-1.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d32853a28d
mingw-openjpeg2-2.3.1-11.fc32 openjpeg2-2.3.1-10.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-b425e20781
nfs-utils-2.5.2-1.rc3.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2020-a649873794 audit-3.0-1.fc32
8
https://bodhi.fedoraproject.org/updates/FEDORA-2020-0896207697 zstd-1.4.7-1.fc32
8
https://bodhi.fedoraproject.org/updates/FEDORA-2020-e7a8b3931d
osinfo-db-20201218-1.fc32
6
https://bodhi.fedoraproject.org/updates/FEDORA-2020-53df9f500d
linux-firmware-20201218-116.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-88275b3477
procps-ng-3.3.16-2.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d96c86b050 ndctl-71.1-1.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2020-d4c4f04447
ethtool-5.10-1.fc32
1
https://bodhi.fedoraproject.org/updates/FEDORA-2020-29fcb2cec6
tracker-2.3.6-2.fc32
The following builds have been pushed to Fedora 32 updates-testing
bcd-1.1-2.20180610gitd94c9fa.fc32
container-selinux-2.153.0-1.fc32
elementary-calculator-1.6.0-1.fc32
etcd-3.4.13-1.fc32
flashrom-1.2-5.fc32
gitjacker-0.0.2-3.fc32
guacamole-server-1.2.0-3.fc32
libtelnet-0.23-1.fc32
liferea-1.13.4-1.fc32
mopidy-3.1.1-1.fc32
msmtp-1.8.14-1.fc32
opencv-4.2.0-8.fc32
perl-App-ccdiff-0.30-1.fc32
python-niapy-2.0.0-0.3rc12.fc32
python3-3.8.7-1.fc32
python3-docs-3.8.7-1.fc32
ravada-0.10.5-1.fc32
shotwell-0.31.3-3.fc32
swtpm-0.5.2-0.20201226gite59c0c1.fc32
tilda-1.5.4-1.fc32
Details about builds:
================================================================================
bcd-1.1-2.20180610gitd94c9fa.fc32 (FEDORA-2020-5a9e29b2e0)
Bayesian Collaborative Denoiser for Monte-Carlo Rendering
--------------------------------------------------------------------------------
Update Information:
Introduce package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
container-selinux-2.153.0-1.fc32 (FEDORA-2020-5ac25a7c9c)
SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:
Autobuilt v2.153.0 ---- Autobuilt v2.152.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 2:2.153.0-1
- autobuilt v2.153.0
* Tue Dec 22 2020 RH Container Bot <rhcontainerbot(a)fedoraproject.org> - 2:2.152.0-1
- autobuilt v2.152.0
--------------------------------------------------------------------------------
================================================================================
elementary-calculator-1.6.0-1.fc32 (FEDORA-2020-3cc46f804b)
Calculator app designed for elementary
--------------------------------------------------------------------------------
Update Information:
Update to version 1.6.0. Release notes:
https://github.com/elementary/calculator/releases/tag/1.6.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Fabio Valentini <decathorpe(a)gmail.com> - 1.6.0-1
- Update to version 1.6.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910498 - elementary-calculator-1.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1910498
--------------------------------------------------------------------------------
================================================================================
etcd-3.4.13-1.fc32 (FEDORA-2020-cd43b84c16)
Distributed reliable key-value store for the most critical data of a distributed system
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2020-15113, CVE-2020-15112, CVE-2020-15114, CVE-2020-15115,
CVE-2020-15136, CVE-2020-15106
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 4 2020 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 3.4.13-1
- Update to 3.4.13
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.7-3
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1868871 - CVE-2020-15113 etcd: directories created via os.MkdirAll are not
checked for permissions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868871
[ 2 ] Bug #1868873 - CVE-2020-15112 etcd: DoS in wal/wal.go [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868873
[ 3 ] Bug #1868875 - CVE-2020-15114 etcd: gateway can include itself as an endpoint
resulting in resource exhaustion and leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868875
[ 4 ] Bug #1868879 - CVE-2020-15115 etcd: improper validation of passwords allow an
attacker to guess or brute-force user's passwords [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868879
[ 5 ] Bug #1868881 - CVE-2020-15136 etcd: no authentication is performed against
endpoints provided in the --endpoints flag [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868881
[ 6 ] Bug #1868884 - CVE-2020-15106 etcd: large slice causes panic in decodeRecord
method [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1868884
--------------------------------------------------------------------------------
================================================================================
flashrom-1.2-5.fc32 (FEDORA-2020-2e869fda66)
Simple program for reading/writing flash chips content
--------------------------------------------------------------------------------
Update Information:
* Enable support for j-link
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Peter Lemenkov <lemenkov(a)gmail.com> - 1.2-5
- Added jlink support
* Tue Dec 22 2020 Robert Scheck <robert(a)fedoraproject.org> - 1.2-4
- Perform source file verification during %prep
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1906403 - add libjaylink as dependency to flashrom
https://bugzilla.redhat.com/show_bug.cgi?id=1906403
--------------------------------------------------------------------------------
================================================================================
gitjacker-0.0.2-3.fc32 (FEDORA-2020-cd2630f1df)
Leak git repositories from misconfigured websites
--------------------------------------------------------------------------------
Update Information:
Add requirement
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Fabian Affolter <mail(a)fabian-affolter.ch> - 0.0.2-3
- Add requirement
--------------------------------------------------------------------------------
================================================================================
guacamole-server-1.2.0-3.fc32 (FEDORA-2020-bfde0ab889)
Server-side native components that form the Guacamole proxy
--------------------------------------------------------------------------------
Update Information:
Updated SPEC file and rebuilt for new dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Simone Caronni <negativo17(a)gmail.com> - 1.2.0-3
- Do not ship deprecated sysconfig file.
- Trim changelog.
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 24 2020 Simone Caronni <negativo17(a)gmail.com> - 1.2.0-1
- Update to 1.2.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1853386 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static
virtual channel handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1853386
[ 2 ] Bug #1853388 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static
virtual channel handling [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1853388
[ 3 ] Bug #1853391 - CVE-2020-9497 guacamole-server: Improper input validation of RDP
static virtual channels [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1853391
[ 4 ] Bug #1853393 - CVE-2020-9497 guacamole-server: Improper input validation of RDP
static virtual channels [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1853393
[ 5 ] Bug #1878395 - F34FailsToInstall: libguac-client-kubernetes
https://bugzilla.redhat.com/show_bug.cgi?id=1878395
[ 6 ] Bug #1899751 - Dependency error installing libguac-client-kubernetes
https://bugzilla.redhat.com/show_bug.cgi?id=1899751
--------------------------------------------------------------------------------
================================================================================
libtelnet-0.23-1.fc32 (FEDORA-2020-f6bd9897fc)
TELNET protocol parsing framework
--------------------------------------------------------------------------------
Update Information:
Update to 0.23, modernize SPEC file.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Simone Caronni <negativo17(a)gmail.com> - 0.23-1
- Update to 0.23.
- Modernize SPEC file.
- Trim changelog.
- rpmlint fixes.
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.21-18
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1909867 - Non-responsive maintainer check for slaanesh
https://bugzilla.redhat.com/show_bug.cgi?id=1909867
--------------------------------------------------------------------------------
================================================================================
liferea-1.13.4-1.fc32 (FEDORA-2020-fffe5eabe5)
An RSS/RDF feed reader
--------------------------------------------------------------------------------
Update Information:
bump version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 josef radinger <cheese(a)nosuchhost.net> - 1:1.13.4-1
- bump version
- icons have now full name
* Thu Oct 15 2020 josef radinger <cheese(a)nosuchhost.net> - 1:1.13.3-4
- fix build for epel7 (thanks tis)
--------------------------------------------------------------------------------
================================================================================
mopidy-3.1.1-1.fc32 (FEDORA-2020-3cf34ee4e2)
An extensible music server written in Python
--------------------------------------------------------------------------------
Update Information:
Upgrade to Mopidy 3.1.1, fixing a crash when extracting tags with gst 1.18
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Tobias Girstmair <t-fedora(a)girst.at> - 3.1.1-1
- Upgrade to Mopidy 3.1.1, fixing a crash when extracting tags with gst 1.18
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910968 - mopidy-3.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1910968
--------------------------------------------------------------------------------
================================================================================
msmtp-1.8.14-1.fc32 (FEDORA-2020-ff8416ed27)
SMTP client
--------------------------------------------------------------------------------
Update Information:
MSMTP ver. 1.8.14
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Peter Lemenkov <lemenkov(a)gmail.com> - 1.8.14-1
- Ver. 1.8.14 (rhbz#1910357)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910357 - msmtp-1.8.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1910357
--------------------------------------------------------------------------------
================================================================================
opencv-4.2.0-8.fc32 (FEDORA-2020-430178b761)
Collection of algorithms for computer vision
--------------------------------------------------------------------------------
Update Information:
Fix FTBFS with update of jasper
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 24 2020 S��rgio Basto <sergio(a)serjux.com> - 4.2.0-8
- Fix build of grfmt_jpeg2000.cpp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910121 - Illegal instruction in libopencv_gapi.so.4.3
https://bugzilla.redhat.com/show_bug.cgi?id=1910121
--------------------------------------------------------------------------------
================================================================================
perl-App-ccdiff-0.30-1.fc32 (FEDORA-2020-aa1474b1d6)
Colored Character diff
--------------------------------------------------------------------------------
Update Information:
Changes since 0.28: * Default changed by `$ENV{CLICOLOR}` - see
https://bixense.com/clicolors/ * Support header colors and header for non-u *
Refuse to diff character and block devices * Warn that `--recurse` and folders
are not yet supported * Prefer `Algorithm::Diff::XS` if installed (raf) * Add
`--swap`/`-s` (swap old/new color indicators)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Richard Fearn <richardfearn(a)gmail.com> 0.30-1
- Update to new version 0.30 (#1910350)
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.28-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 23 2020 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.28-3
- Perl 5.32 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1910350 - perl-App-ccdiff-0.30 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1910350
--------------------------------------------------------------------------------
================================================================================
python-niapy-2.0.0-0.3rc12.fc32 (FEDORA-2020-68b8456b09)
Micro framework for building nature-inspired algorithms
--------------------------------------------------------------------------------
Update Information:
new release of NiaPy package
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 4 2020 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> -
2.0.0-0.3rc12
- New release - 2.0.0rc12
- Remove dependencies - xlwt, xlsxwriter
- New dependency - openpyxl
--------------------------------------------------------------------------------
================================================================================
python3-3.8.7-1.fc32 (FEDORA-2020-66d135ac1f)
Interpreter of the Python programming language
--------------------------------------------------------------------------------
Update Information:
Update Python to [version
3.8.7](https://www.python.org/downloads/release/python-387/).
[
Changelog](https://docs.python.org/release/3.8.7/whatsnew/changelog.html).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 22 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.7-1
- Update to 3.8.7
* Tue Dec 8 2020 Tomas Hrnciar <thrnciar(a)redhat.com> - 3.8.7~rc1-1
- Update to 3.8.7rc1
* Mon Oct 5 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.6-2
- Use upstream architecture names on Fedora 34+
-
https://fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names
--------------------------------------------------------------------------------
================================================================================
python3-docs-3.8.7-1.fc32 (FEDORA-2020-66d135ac1f)
Documentation for the Python 3 programming language
--------------------------------------------------------------------------------
Update Information:
Update Python to [version
3.8.7](https://www.python.org/downloads/release/python-387/).
[
Changelog](https://docs.python.org/release/3.8.7/whatsnew/changelog.html).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 22 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.7-1
- Update to 3.8.7
--------------------------------------------------------------------------------
================================================================================
ravada-0.10.5-1.fc32 (FEDORA-2020-9f869cc5ce)
Remote Virtual Desktops Manager
--------------------------------------------------------------------------------
Update Information:
Update to 0.10.5
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 0.10.5-1
- Update to 0.10.5
- Close: rhbz#1906242
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1906242 - ravada-0.10.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1906242
--------------------------------------------------------------------------------
================================================================================
shotwell-0.31.3-3.fc32 (FEDORA-2020-7da626bccf)
A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
#### Shotwell 0.31.3 - 22 Dec 2020 #### * Store publishing secrets using
libsecret * Fix rotation keybinding for viewer * Fix a missing menu item * Many
translation updates
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 0.31.3-3
- Fix build option.
* Sat Dec 26 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 0.31.3-2
- Update BRs from meson.build.
* Thu Dec 24 2020 Thomas Moschny <thomas.moschny(a)gmx.de> - 0.31.3-1
- Update to 0.31.3.
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.31.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
swtpm-0.5.2-0.20201226gite59c0c1.fc32 (FEDORA-2020-b52830d94c)
TPM Emulator
--------------------------------------------------------------------------------
Update Information:
Bugfixes for stable release
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Stefan Berger <stefanb(a)linux.ibm.com> -
0.5.2-1.20201226gite59c0c1a
- Bugfixes for stable release
--------------------------------------------------------------------------------
================================================================================
tilda-1.5.4-1.fc32 (FEDORA-2020-749dd421c7)
A Gtk based drop down terminal for Linux and Unix
--------------------------------------------------------------------------------
Update Information:
- update to 1.5.4
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 26 2020 Johannes Lips <hannes(a)fedoraproject.org> - 1.5.4-1
- update to upstream version 1.5.4
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------