The following Fedora 34 Security updates need testing:
Age URL
61
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6aba96e1b8
radare2-5.6.4-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fef374d46f
zchunk-1.2.2-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5e637f6cc6
podman-3.4.7-1.fc34
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b0a47f8060
freerdp-2.7.0-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-82a9edac27
ruby-3.0.4-153.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a0a4c7eb31 redis-6.2.7-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5d6aaab56e
maven-shared-utils-3.2.1-0.9.fc34
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5cfe372ab7
mariadb-10.5.15-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-9cc421562b
java-1.8.0-openjdk-1.8.0.332.b09-1.fc34 java-11-openjdk-11.0.15.0.10-1.fc34
java-17-openjdk-17.0.3.0.7-1.fc34 java-latest-openjdk-18.0.1.0.10-1.rolling.fc34
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-34de4f833d
cifs-utils-6.15-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc5776b142
curl-7.76.1-15.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d9d630891d
blender-2.93.8-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f624aad735
libxml2-2.9.14-1.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
391
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
113
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3b891fe11 gdb-11.1-7.fc34
61
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f3103b973
hwdata-0.357-1.fc34
43
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dab75a01b8
gnome-shell-40.10-1.fc34 gnome-shell-extensions-40.7-1.fc34 mutter-40.10-1.fc34
29
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb1d10aba3 libldb-2.3.3-1.fc34
samba-4.14.13-0.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fef374d46f
zchunk-1.2.2-1.fc34
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-86a5792181
webkit2gtk3-2.36.1-1.fc34
12
https://bodhi.fedoraproject.org/updates/FEDORA-2022-13c91c9fef
langtable-0.0.58-1.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-41e16c6c1e annobin-9.79-5.fc34
gcc-11.3.1-2.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-681d2ee7ea rtkit-0.11-28.fc34
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c17b776b17 inih-55-1.fc34
8
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b0a47f8060
freerdp-2.7.0-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-095ac0abfb
livecd-tools-30.0-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-47554f7728
gnutls-3.7.4-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f624aad735
libxml2-2.9.14-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fc5776b142
curl-7.76.1-15.fc34
The following builds have been pushed to Fedora 34 updates-testing
NetworkManager-l2tp-1.20.4-1.fc34
fedora-chromium-config-1.2-4.fc34
firefox-100.0-2.fc34
glibmm24-2.66.3-1.fc34
gtkmm30-3.24.6-1.fc34
kicad-6.0.5-1.fc34
mame-0.243-2.fc34
mingw-SDL2_ttf-2.0.18-2.fc34
mozilla-noscript-11.4.5-1.fc34
myproxy-6.2.9-8.fc34
netdata-1.34.1-1.fc34
perl-Parse-Distname-0.05-2.fc34
polybar-3.6.3-1.fc34
python-aws-sam-translator-1.42.0-5.fc34
python-stripe-2.74.0-1.fc34
python3.11-3.11.0~a7-3.fc34
resalloc-4.3-1.fc34
seamonkey-2.53.12-1.fc34
spamassassin-dqs-1.2.2-1.fc34
Details about builds:
================================================================================
NetworkManager-l2tp-1.20.4-1.fc34 (FEDORA-2022-ca2d4e06b4)
NetworkManager VPN plugin for L2TP and L2TP/IPsec
--------------------------------------------------------------------------------
Update Information:
Updated to 1.20.4 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Douglas Kosovic <doug(a)uq.edu.au> - 1.20.4-1
- Updated to 1.20.4 release
* Mon Apr 18 2022 Douglas Kosovic <doug(a)uq.edu.au> - 1.20.2-1
- Updated to 1.20.2 release
- Conditional gtk4 support added
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.20.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fedora-chromium-config-1.2-4.fc34 (FEDORA-2022-68f4b32633)
Fedora customizations for Chromium/Chrome
--------------------------------------------------------------------------------
Update Information:
Drop the Fedora user-agent and change the GSSAPI policy from "managed" to
"recommended"
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 27 2022 Stephen Gallagher <sgallagh(a)redhat.com> 1.2-3
- Drop user-agent extension
* Tue Apr 26 2022 Stephen Gallagher <sgallagh(a)redhat.com> 1.2-2
- Install changes to the "recommended" policy, rather than "managed"
* Tue Apr 26 2022 Stephen Gallagher <sgallagh(a)redhat.com> 1.2-1
- Convert to rpmautospec
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1-13
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
firefox-100.0-2.fc34 (FEDORA-2022-0f15da474c)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
- Fixed h.264 video playback over va-api
(
https://bugzilla.mozilla.org/show_bug.cgi?id=1762725) ---- - New upstream
version (100.0)
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Martin Stransky <stransky(a)redhat.com>- 100.0-2
- Added fix for mozbz#1759137
* Mon May 2 2022 Martin Stransky <stransky(a)redhat.com>- 100.0-1
- Updated to 100.0
* Thu Apr 28 2022 Jan Horak <jhorak(a)redhat.com> - 99.0.1-2
- Fixing bookmark install location - rhbz#2054953
* Wed Apr 13 2022 Martin Stransky <stransky(a)redhat.com> - 99.0.1-1
- Updated to 99.0.1
--------------------------------------------------------------------------------
================================================================================
glibmm24-2.66.3-1.fc34 (FEDORA-2022-ce42d27317)
C++ interface for the GLib library
--------------------------------------------------------------------------------
Update Information:
Update to 2.66.3 and 3.24.6
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 David King <amigadave(a)amigadave.com> - 2.66.3-1
- Update to 2.66.3
--------------------------------------------------------------------------------
================================================================================
gtkmm30-3.24.6-1.fc34 (FEDORA-2022-ce42d27317)
C++ interface for the GTK+ library
--------------------------------------------------------------------------------
Update Information:
Update to 2.66.3 and 3.24.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 David King <amigadave(a)amigadave.com> - 3.24.6-1
- Update to 3.24.6
--------------------------------------------------------------------------------
================================================================================
kicad-6.0.5-1.fc34 (FEDORA-2022-37dbecef18)
EDA software suite for creation of schematic diagrams and PCBs
--------------------------------------------------------------------------------
Update Information:
Update to 6.0.5
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Steven A. Falco <stevenfalco(a)gmail.com> - 1:6.0.5-1
- Update to 6.0.5
--------------------------------------------------------------------------------
================================================================================
mame-0.243-2.fc34 (FEDORA-2022-d7be26f27b)
Multiple Arcade Machine Emulator
--------------------------------------------------------------------------------
Update Information:
Work around crash when combining bgfx video with wayland SDL2 video driver ----
Update to the latest upstream release: *
https://www.mamedev.org/?p=512
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Julian Sikorski <belegdol(a)fedoraproject.org> 0.243-2
- Workaround crashes caused by SDL2 defaulting to wayland since 2.0.22-2
* Fri Apr 29 2022 Julian Sikorski <belegdol(a)fedoraproject.org> 0.243-1
- Update to 0.243
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2081093 - Defaulting to wayland causes mame to crash
https://bugzilla.redhat.com/show_bug.cgi?id=2081093
--------------------------------------------------------------------------------
================================================================================
mingw-SDL2_ttf-2.0.18-2.fc34 (FEDORA-2022-857d1f7050)
MinGW Windows port of the TrueType font handling library for SDL2
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-27470
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Artur Frenszek-Iwicki <fedora(a)svgames.pl> - 2.0.18-2
- Add a patch for CVE-2022-27470
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2081599 - CVE-2022-27470 sdf_ttf: Arbitrary memory overwrite occurs when
loading glyphs and rendering text with a malformed TTF file
https://bugzilla.redhat.com/show_bug.cgi?id=2081599
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-11.4.5-1.fc34 (FEDORA-2022-75ed5a8c04)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
Latest upstream release, full [
changelog](https://noscript.net/changelog/).
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Dominik Mierzejewski <dominik(a)greysector.net> - 11.4.5-1
- update to 11.4.5 (#2068417)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068417 - mozilla-noscript-11.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068417
--------------------------------------------------------------------------------
================================================================================
myproxy-6.2.9-8.fc34 (FEDORA-2022-23a4f67be8)
Manage X.509 Public Key Infrastructure (PKI) security credentials
--------------------------------------------------------------------------------
Update Information:
Partially revert the sha256 change that broke backward compatibility.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 6.2.9-8
- Partially revert the sha256 patch to restore backward compatibility
--------------------------------------------------------------------------------
================================================================================
netdata-1.34.1-1.fc34 (FEDORA-2022-954d6c44ba)
Real-time performance monitoring
--------------------------------------------------------------------------------
Update Information:
Update from upstream
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 30 2022 Didier Fabert <didier.fabert(a)gmail.com> 1.34.1-1
- Update from upstream
- Move stock config files in /usr/lib/netdata/conf.d
- Use embedded protobuf-cpp for el7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2075773 - netdata-1.34.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2075773
--------------------------------------------------------------------------------
================================================================================
perl-Parse-Distname-0.05-2.fc34 (FEDORA-2022-419c129c95)
Parse a distribution name
--------------------------------------------------------------------------------
Update Information:
This is the first build of perl-Parse-Distname.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2022 Paul Howarth <paul(a)city-fan.org> - 0.05-2
- Incorporate feedback from package review (#2073377)
- perl(strict) is a run-time dependency, not just a test dependency
- Don't package the tests as documentation
* Fri Apr 8 2022 Paul Howarth <paul(a)city-fan.org> - 0.05-1
- Initial RPM version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2073377 - Review Request: perl-Parse-Distname - Parse a distribution name
https://bugzilla.redhat.com/show_bug.cgi?id=2073377
--------------------------------------------------------------------------------
================================================================================
polybar-3.6.3-1.fc34 (FEDORA-2022-adb7b04524)
Fast and easy-to-use status bar
--------------------------------------------------------------------------------
Update Information:
Update to 3.6.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 4 2022 Artem Polishchuk <ego.cordatus(a)gmail.com> - 3.6.3-1
- chore(update): 3.6.3
--------------------------------------------------------------------------------
================================================================================
python-aws-sam-translator-1.42.0-5.fc34 (FEDORA-2022-db089fb213)
Transform SAM templates into AWS CloudFormation templates
--------------------------------------------------------------------------------
Update Information:
Work around a failing test on 32-bit builders
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Benjamin A. Beasley <code(a)musicinmybrain.net> 1.42.0-5
- Work around a failing test on 32-bit builders
--------------------------------------------------------------------------------
================================================================================
python-stripe-2.74.0-1.fc34 (FEDORA-2022-1965c80cb4)
Python library for the Stripe API
--------------------------------------------------------------------------------
Update Information:
API extensions
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Paul Wouters <paul.wouters(a)aiven.io> - 2.74.0-1
- Resolves rhbz#2070208 python-stripe-2.74.0 is available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2070208 - python-stripe-2.74.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2070208
--------------------------------------------------------------------------------
================================================================================
python3.11-3.11.0~a7-3.fc34 (FEDORA-2022-be990fe88f)
Version 3.11 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Provide multiple subpackages, including the debug build, for Python 3.11.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 20 2022 Tomas Orsava <torsava(a)redhat.com> - 3.11.0~a7-3
- Build Python 3.11 with subpackages
- `python(abi)` is still not Provided for alternative Python versions
- Drop old no-longer-needed Obsoletes of python311 and python3-tools
- Move _sysconfigdata_d_linux*.py to the debug subpackage
- Resolves: rhbz#2063227
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2063227 - Lots of depencies compared to system python
https://bugzilla.redhat.com/show_bug.cgi?id=2063227
--------------------------------------------------------------------------------
================================================================================
resalloc-4.3-1.fc34 (FEDORA-2022-871aa8f688)
Resource allocator for expensive resources - client tooling
--------------------------------------------------------------------------------
Update Information:
new upstream release:
https://github.com/praiskup/resalloc/releases/tag/v4.3
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.53.12-1.fc34 (FEDORA-2022-abbb9d5575)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.53.12 For compatibility with modern sites the default version of
Firefox for the User-Agent string has now been set to 78.0 . The value can be
changed in Preferences-->Advanced-->HTTP Networking . Note that besides the
ordinary builds for the current Fedora and EPEL branches, there is an additional
distro-independed build available at
https://buc.fedorapeople.org/seamonkey . So
if you have friends who use other Linux distro, but that distro does not provide
SeaMonkey yet, you can recommend it for them.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.53.12-1
- update to 2.53.12
--------------------------------------------------------------------------------
================================================================================
spamassassin-dqs-1.2.2-1.fc34 (FEDORA-2022-ed3bc94cc7)
SpamAssassin plugin for Spamhaus Data Query Service (DQS)
--------------------------------------------------------------------------------
Update Information:
# SpamAssassin DQS Plugin 1.2.2 - Removed useless syslog functions and made
the plugin compatible with MDaemon - Minor fixes
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2022 Robert Scheck <robert(a)fedoraproject.org> 1.2.2-1
- Upgrade to 1.2.2 (#2077302)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2077302 - spamassassin-dqs-1.2.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2077302
--------------------------------------------------------------------------------