The following Fedora 34 Security updates need testing:
Age URL
52
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6aba96e1b8
radare2-5.6.4-1.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-585661c82c
thunderbird-91.8.0-1.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dbd2935e44 rsync-3.2.3-6.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-05918f0838
dhcp-4.4.2-12.b1.fc34
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6b512ae9e5 gzip-1.10-5.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-64b2c02d29 xen-4.14.5-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ec66ee6b59 xz-5.2.5-9.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-39533c087f
htmldoc-1.9.15-1.fc34
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-cac2323802
moby-engine-20.10.14-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fef374d46f
zchunk-1.2.2-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5cbd6de569
bettercap-2.28-9.fc34 chisel-1.7.7-2.fc34 commit-stream-0.1.2-6.fc34
containerd-1.6.2-3.fc34 gobuster-3.1.0-2.fc34
golang-contrib-opencensus-resource-0.1.2-6.fc34 golang-gioui-0-7.20201225git18d4dbf.fc34
golang-github-appc-docker2aci-0.17.2-8.fc34 golang-github-appc-goaci-0.1.1-10.fc34
golang-github-appc-spec-0.8.11-13.fc34 golang-github-containerd-continuity-0.2.2-2.fc34
golang-github-containerd-stargz-snapshotter-0.7.0-4.fc34
golang-github-coredns-corefile-migration-1.0.11-5.fc34
golang-github-envoyproxy-protoc-gen-validate-0.4.1-5.fc34
golang-github-francoispqt-gojay-1.2.13-6.fc34 golang-github-gogo-googleapis-1.4.1-3.fc34
golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc34
golang-github-google-containerregistry-0.5.1-4.fc34
golang-github-google-slothfs-0-0.10.20200727git59c1163.fc34
golang-github-googleapis-gnostic-0.5.3-5.fc34
golang-github-googlecloudplatform-cloudsql-proxy-1.19.1-5.fc34 gola
ng-github-instrumenta-kubeval-0.15.0-7.fc34 golang-github-intel-goresctrl-0.2.0-4.fc34
golang-github-oklog-0.3.2-9.20190701gitca7cdf5.fc34
golang-github-pact-foundation-1.5.1-5.fc34 golang-github-prometheus-2.32.1-4.fc34
golang-github-prometheus-alertmanager-0.23.0-8.fc34
golang-github-prometheus-node-exporter-1.3.1-7.fc34
golang-github-prometheus-tsdb-0.10.0-6.fc34
golang-github-redteampentesting-monsoon-0.6.0-5.fc34
golang-github-spf13-cobra-1.4.0-2.fc34
golang-github-theupdateframework-notary-0.7.0-4.fc34
golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc34
golang-gopkg-src-d-git-4-4.13.1-7.fc34 golang-k8s-apiextensions-apiserver-1.22.0-5.fc34
golang-k8s-code-generator-1.22.0-3.fc34 golang-k8s-kube-aggregator-1.22.0-3.fc34
golang-k8s-sample-apiserver-1.22.0-4.fc34 golang-k8s-sample-controller-1.22.0-3.fc34
golang-mongodb-mongo-driver-1.4.5-5.fc34 golang-storj-drpc-0.0.16-5.fc34
golang-x-perf-0-0.14.20210123gitbdcc622.fc34 grpcurl-1.8.6-2.fc34 onionscan-0.2-6.fc34
shellz-1.5.0-6.fc34 shhgit-0.2-6.fc34 snowcrash-0-0.6.20201119git49b99ad.fc34
xq-0.0.7-3.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-29327a4b98
stb-0^20210910gitaf1a5bc-0.2.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-832689aa6b usd-21.08-19.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-82a9edac27
ruby-3.0.4-152.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-5e637f6cc6
podman-3.4.7-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-22b85a45cb
epiphany-40.6-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b605768c94
vim-8.2.4804-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-bc5c8ee61e esh-0.3.2-1.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-cc64b21327
CuraEngine-4.13.1-2.fc34
The following Fedora 34 Critical Path updates have yet to be approved:
Age URL
382
https://bodhi.fedoraproject.org/updates/FEDORA-2021-1300e131b6 ddpt-0.96-4.fc34
ledmon-0.95-4.fc34 libgpod-0.8.3-38.fc34 libzfcphbaapi-2.2.0-12.fc34 lsvpd-1.7.11-6.fc34
sg3_utils-1.46-1.fc34 udisks-1.0.5-18.fc34
104
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e3b891fe11 gdb-11.1-7.fc34
52
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8f3103b973
hwdata-0.357-1.fc34
34
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dab75a01b8
gnome-shell-40.10-1.fc34 gnome-shell-extensions-40.7-1.fc34 mutter-40.10-1.fc34
19
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eb1d10aba3 libldb-2.3.3-1.fc34
samba-4.14.13-0.fc34
11
https://bodhi.fedoraproject.org/updates/FEDORA-2022-585661c82c
thunderbird-91.8.0-1.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-05918f0838
dhcp-4.4.2-12.b1.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dbd2935e44 rsync-3.2.3-6.fc34
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-18e43296f0
linux-firmware-20220411-131.fc34
9
https://bodhi.fedoraproject.org/updates/FEDORA-2022-6b512ae9e5 gzip-1.10-5.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ec66ee6b59 xz-5.2.5-9.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-14b4ccfa1f gdisk-1.0.9-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-64b2c02d29 xen-4.14.5-1.fc34
7
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eaef082697
container-selinux-2.173.1-2.fc34 flatpak-1.10.7-2.fc34 osbuild-54-2.fc34
selinux-policy-34.27-1.fc34 snapd-2.55.3-2.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-63de6726ce
libinput-1.19.4-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2fec5f30be git-2.34.3-1.fc34
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-fef374d46f
zchunk-1.2.2-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-86a5792181
webkit2gtk3-2.36.1-1.fc34
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-13c91c9fef
langtable-0.0.58-1.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-41e16c6c1e annobin-9.79-5.fc34
gcc-11.3.1-2.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-681d2ee7ea rtkit-0.11-28.fc34
1
https://bodhi.fedoraproject.org/updates/FEDORA-2022-b605768c94
vim-8.2.4804-1.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d515f28d09
livecd-tools-29.0-1.fc34
0
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c17b776b17 inih-55-1.fc34
The following builds have been pushed to Fedora 34 updates-testing
chromium-100.0.4896.127-1.fc34
claws-mail-3.19.0-1.fc34
dotnet3.1-3.1.418-1.fc34
rust-nix0.22-0.22.3-1.fc34
Details about builds:
================================================================================
chromium-100.0.4896.127-1.fc34 (FEDORA-2022-17aa1c62da)
A WebKit (Blink) powered web browser that Google doesn't want you to use
--------------------------------------------------------------------------------
Update Information:
100 Chromium releases! Of course, at the rate they release now, we'll probably
be at 150 before the end of the year. Anyway, here's the update. Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308
CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313
CVE-2022-1314 CVE-2022-1364
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 21 2022 Tom Callaway <spot(a)fedoraproject.org> - 100.0.4896.127-1
- update to 100.0.4896.127
* Tue Apr 5 2022 Tom Callaway <spot(a)fedoraproject.org> - 100.0.4896.75-1
- update to 100.0.4896.75
* Sat Apr 2 2022 Tom Callaway <spot(a)fedoraproject.org> - 100.0.4896.60-1
- update to 100.0.4896.60
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2071876 - CVE-2022-1232 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2071876
[ 2 ] Bug #2074371 - CVE-2022-1305 chromium-browser: Use after free in storage
https://bugzilla.redhat.com/show_bug.cgi?id=2074371
[ 3 ] Bug #2074372 - CVE-2022-1306 chromium-browser: Inappropriate implementation in
compositing
https://bugzilla.redhat.com/show_bug.cgi?id=2074372
[ 4 ] Bug #2074373 - CVE-2022-1307 chromium-browser: Inappropriate implementation in
full screen
https://bugzilla.redhat.com/show_bug.cgi?id=2074373
[ 5 ] Bug #2074374 - CVE-2022-1308 chromium-browser: Use after free in BFCache
https://bugzilla.redhat.com/show_bug.cgi?id=2074374
[ 6 ] Bug #2074375 - CVE-2022-1309 chromium-browser: Insufficient policy enforcement in
developer tools
https://bugzilla.redhat.com/show_bug.cgi?id=2074375
[ 7 ] Bug #2074376 - CVE-2022-1310 chromium-browser: Use after free in regular
expressions
https://bugzilla.redhat.com/show_bug.cgi?id=2074376
[ 8 ] Bug #2074377 - CVE-2022-1311 chromium-browser: Use after free in Chrome OS shell
https://bugzilla.redhat.com/show_bug.cgi?id=2074377
[ 9 ] Bug #2074378 - CVE-2022-1312 chromium-browser: Use after free in storage
https://bugzilla.redhat.com/show_bug.cgi?id=2074378
[ 10 ] Bug #2074379 - CVE-2022-1313 chromium-browser: Use after free in tab groups
https://bugzilla.redhat.com/show_bug.cgi?id=2074379
[ 11 ] Bug #2074380 - CVE-2022-1314 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2074380
[ 12 ] Bug #2076274 - CVE-2022-1364 Chromium-browser: Type Confusion in V8.
https://bugzilla.redhat.com/show_bug.cgi?id=2076274
--------------------------------------------------------------------------------
================================================================================
claws-mail-3.19.0-1.fc34 (FEDORA-2022-a4b251b131)
Email client and news reader based on GTK+
--------------------------------------------------------------------------------
Update Information:
Update from 3.18.0 to 3.19.0 for Fedora 34. Update from 4.0.0 to 4.1.0 for
Fedora 35/36.
https://www.claws-mail.org/news.php
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 24 2022 Michael Schwendt <mschwendt(a)fedoraproject.org> - 3.19.0-1
- Update to 3.19.0.
- New keyword_warner plugin.
- pdf_viewer patch not needed anymore.
--------------------------------------------------------------------------------
================================================================================
dotnet3.1-3.1.418-1.fc34 (FEDORA-2022-c9860d36be)
.NET Core Runtime and SDK
--------------------------------------------------------------------------------
Update Information:
# Update to .NET Core SDK 3.1.418 and Runtime 3.1.24 .NET Core SDK 3.1.418 and
Runtime 3.1.24 were recently released by Microsoft:
https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.24/3.1.24.md
This is a bugfix release that updates the version in Fedora to the upstream
release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 21 2022 Omair Majid <omajid(a)redhat.com> - 3.1.418-1
- Update to .NET SDK 3.1.418 and Runtime 3.1.24
--------------------------------------------------------------------------------
================================================================================
rust-nix0.22-0.22.3-1.fc34 (FEDORA-2022-aa7b8dff8b)
Rust friendly bindings to *nix APIs
--------------------------------------------------------------------------------
Update Information:
Update the package for nix crate versions 0.22.x to version 0.22.3.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 24 2022 Fabio Valentini <decathorpe(a)gmail.com> 0.22.3-1
- Update to version 0.22.3
* Fri Jan 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 0.22.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------