The following Fedora 35 Security updates need testing:
Age URL
52
https://bodhi.fedoraproject.org/updates/FEDORA-2022-2e85e6cfc9
libdxfrw-1.0.1-3.fc35 librecad-2.2.0-0.13.rc3.fc35
44
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dfc6924a11
mysql-connector-java-8.0.28-1.fc35
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-011c2a9ba8 xen-4.15.2-2.fc35
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e2996202a0
libtiff-4.3.0-6.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-82a6236ac7 rsh-0.17-100.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-a9349c1299
unrealircd-6.0.2-1.fc35
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-445ec90e7c
cobbler-3.2.2-9.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-40544b5314
389-ds-base-2.0.15-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-eda0e65b01
skopeo-1.7.0-1.fc35
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-cce05f0e5e
phoronix-test-suite-10.8.2-1.fc35
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-d0fe2a444a
libkiwix-10.1.0-1.fc35
The following Fedora 35 Critical Path updates have yet to be approved:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-2022-011c2a9ba8 xen-4.15.2-2.fc35
10
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e2996202a0
libtiff-4.3.0-6.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-dce04a5adf
libretls-3.5.1-1.fc35
6
https://bodhi.fedoraproject.org/updates/FEDORA-2022-925ac7bfff
gnome-shell-41.5-1.fc35 mutter-41.5-1.fc35
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c1b7acba94
web-assets-5-15.fc35
5
https://bodhi.fedoraproject.org/updates/FEDORA-2022-cbd7f6ead4
annobin-10.58-1.fc35
4
https://bodhi.fedoraproject.org/updates/FEDORA-2022-86964650b4
tzdata-2022a-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-f6fbdd0d82
python3-docs-3.10.4-1.fc35 python3.10-3.10.4-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-e4bdc8e27f
squashfs-tools-4.5.1-1.fc35
3
https://bodhi.fedoraproject.org/updates/FEDORA-2022-832155a719
xorg-x11-xinit-1.4.0-14.fc35
2
https://bodhi.fedoraproject.org/updates/FEDORA-2022-7ee3f6ed74 gdb-11.2-2.fc35
The following builds have been pushed to Fedora 35 updates-testing
bacula-11.0.6-2.fc35
baresip-2.0.1-1.fc35
container-selinux-2.181.0-1.fc35
cups-filters-1.28.13-1.fc35
evolution-data-server-3.42.4-2.fc35
gdal-3.3.3-1.fc35
ginac-1.8.3-1.fc35
gutenprint-5.3.4-8.fc35
hwinfo-21.80-1.fc35
igt-gpu-tools-1.26-1.20220328git37ec3b8.fc35
jacktrip-1.5.3-1.fc35
kernel-5.16.18-200.fc35
koji-osbuild-5-0.fc35
libre-2.2.0-1.fc35
librem-2.0.0-2.fc35
libx86emu-3.5-1.fc35
mingw-fribidi-1.0.10-5.fc35
mingw-gdal-3.3.3-3.fc35
mingw-openexr-3.1.4-1.fc35
mingw-openjpeg2-2.4.0-5.fc35
mingw-python-pillow-8.3.2-3.fc35
mingw-python3-3.10.4-1.fc35
moolticute-0.55.0-1.fc35
netatalk-3.1.13-1.fc35
openjpeg2-2.4.0-5.fc35
php-twig2-2.14.12-1.fc35
php-twig3-3.3.9-1.fc35
plasma-wallpapers-dynamic-4.0.0~git20220328.d37f412-1.fc35
python-ast-monitor-0.1.2-1.fc35
python-kiwisolver-1.4.1-1.fc35
python-myrepos-utils-0.0.1.1-1.fc35
python-pillow-8.3.2-3.fc35
remmina-1.4.25-2.fc35
rust-1.59.0-4.fc35
rust-zram-generator-1.1.2-1.fc35
salt-3004.1-1.fc35
sdl-telnet-1.0.0-5.20220328gite0e2a91.fc35
solaar-1.1.2-1.fc35
twinkle-1.10.3-1.git15ece11.fc35
wayland-1.20.0-4.fc35
Details about builds:
================================================================================
bacula-11.0.6-2.fc35 (FEDORA-2022-710742d988)
Cross platform network backup for Linux, Unix, Mac and Windows
--------------------------------------------------------------------------------
Update Information:
Bacula 11.0.6 bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 26 2022 Simone Caronni <negativo17(a)gmail.com> - 11.0.6-2
- Update/reorganize patches.
* Fri Mar 25 2022 Simone Caronni <negativo17(a)gmail.com> - 11.0.6-1
- Update to 11.0.6.
* Wed Jan 19 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 11.0.5-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 11.0.5-3
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1999436 - [F36FTBFS]: bacula fails to build from source in Fedora Rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1999436
[ 2 ] Bug #2018891 - bacula: FTBFS with OpenSSL 3.0.0
https://bugzilla.redhat.com/show_bug.cgi?id=2018891
[ 3 ] Bug #2045215 - bacula: FTBFS in Fedora rawhide/f36
https://bugzilla.redhat.com/show_bug.cgi?id=2045215
--------------------------------------------------------------------------------
================================================================================
baresip-2.0.1-1.fc35 (FEDORA-2022-f5e7b32c4f)
Modular SIP user-agent with audio and video support
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter
buffer) - test: init fixture - test: refactoring of
`test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present
- menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu:
avoid multiple hash entries with same key - menu: support audio file config
value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28)
- tls: fix coverity defect - http/client: `read_file` check `ftell` return
value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM`
- Fix coverity issues - Support adding CRLs - json/decode: fix possible out
of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp:
fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer
for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` -
shim: new module from rew - Trice module - retest trice - Add `try_into`
conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning
on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable
C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a
utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()`
return value - sa_pton: use `sa_addrinfo` for interface suffix
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Robert Scheck <robert(a)fedoraproject.org> 2.0.1-1
- Upgrade to 2.0.1 (#2068919)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068919
[ 2 ] Bug #2069304 - libre-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2069304
[ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip
https://bugzilla.redhat.com/show_bug.cgi?id=2069437
--------------------------------------------------------------------------------
================================================================================
container-selinux-2.181.0-1.fc35 (FEDORA-2022-32eea4f938)
SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:
auto bump to v2.181.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 25 2022 RH Container Bot <rhcontainerbot(a)fedoraproject.org> 2:2.181.0-1
- auto bump to v2.181.0
--------------------------------------------------------------------------------
================================================================================
cups-filters-1.28.13-1.fc35 (FEDORA-2022-fdbc7b9be7)
OpenPrinting CUPS filters and backends
--------------------------------------------------------------------------------
Update Information:
1.28.13
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 1.28.13-1
- 1.28.13
--------------------------------------------------------------------------------
================================================================================
evolution-data-server-3.42.4-2.fc35 (FEDORA-2022-a03f1ef4d7)
Backend data server for Evolution
--------------------------------------------------------------------------------
Update Information:
Add an upstream patch to fix a href extraction from a Location header in the
EWebDAVSession object.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Milan Crha <mcrha(a)redhat.com> - 3.42.4-2
- Resolves: #2068395 (EWebDAVSession: Correct extract of href from Location header)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068395 - Backport "EWebDAVSession: Correct extract of href from
Location header"
https://bugzilla.redhat.com/show_bug.cgi?id=2068395
--------------------------------------------------------------------------------
================================================================================
gdal-3.3.3-1.fc35 (FEDORA-2022-e85e37206b)
GIS file format library
--------------------------------------------------------------------------------
Update Information:
Update to gdal-3.3.3 and python-3.10.4.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 4 2022 Sandro Mani <manisandro(a)gmail.com> - 3.3.3-1
- Update to 3.3.3
* Fri Feb 4 2022 Sandro Mani <manisandro(a)gmail.com> - 3.3.2-2
- Backport patch for CVE-2021-45943
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049069
[ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049070
--------------------------------------------------------------------------------
================================================================================
ginac-1.8.3-1.fc35 (FEDORA-2022-789cd6b73b)
C++ library for symbolic calculations
--------------------------------------------------------------------------------
Update Information:
Latest upstream minor release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 1.8.3-1
- Version 1.8.3 (rhbz#2036442)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2036442 - ginac-1.8.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2036442
--------------------------------------------------------------------------------
================================================================================
gutenprint-5.3.4-8.fc35 (FEDORA-2022-b1570f0952)
Printer Drivers Package
--------------------------------------------------------------------------------
Update Information:
2055504 - Set gutenprint53+usb backend to use the default USB context
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 5.3.4-8
- 2055504 - Set gutenprint53+usb backend to use the default USB context
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.3.4-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2055504 - Set gutenprint53+usb backend to use the default USB context
https://bugzilla.redhat.com/show_bug.cgi?id=2055504
--------------------------------------------------------------------------------
================================================================================
hwinfo-21.80-1.fc35 (FEDORA-2022-310ea098ab)
Hardware information tool
--------------------------------------------------------------------------------
Update Information:
Update to 21.80
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Andrey Ponomarenko <andrewponomarenko(a)yandex.ru> - 21.80-1
- Update to 21.80
--------------------------------------------------------------------------------
================================================================================
igt-gpu-tools-1.26-1.20220328git37ec3b8.fc35 (FEDORA-2022-89fdeaccd6)
Test suite and tools for DRM drivers
--------------------------------------------------------------------------------
Update Information:
New git snapshot
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Lyude Paul <lyude(a)redhat.com> - 1.26-1.20220328git37ec3b8
- New git snapshot
--------------------------------------------------------------------------------
================================================================================
jacktrip-1.5.3-1.fc35 (FEDORA-2022-74cfb5b3d9)
A system for high-quality audio network performance over the Internet
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.3 (#2069182)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 I��aki ��car <iucar(a)fedoraproject.org> - 1.5.3-1
- Update to 1.5.3 (#2069182)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2069182 - jacktrip-1.5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2069182
--------------------------------------------------------------------------------
================================================================================
kernel-5.16.18-200.fc35 (FEDORA-2022-eb323bcd80)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.16.18 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.16.18-0]
- Revert "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" (Linus
Torvalds)
- Fix RHDISTGIT for Fedora (Justin M. Forbes)
- Fix up changelog (Justin M. Forbes)
* Wed Mar 23 2022 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.16.17-0]
- Linux v5.16.17
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2066706 - CVE-2022-1048 kernel: race condition in snd_pcm_hw_free leading to
use-after-free
https://bugzilla.redhat.com/show_bug.cgi?id=2066706
--------------------------------------------------------------------------------
================================================================================
koji-osbuild-5-0.fc35 (FEDORA-2022-4fd0112d73)
Koji integration for osbuild composer
--------------------------------------------------------------------------------
Update Information:
Update koji-osbuild to the latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Packit Service <user-cont-team+packit-service(a)redhat.com> - 5-0
CHANGES WITH 5:
----------------
* builder: rename gpg_key field to gpgkey for repos (#91)
* builder: fix type annotations (#92)
* Add GitHub Action to create upstream tag (#90)
* docs: fix error in hacking.md (#85)
* build(deps): bump actions/checkout from 2 to 3 (#86)
* spec: don't push tests into Fedora (#89)
* test/builder: drop misleading quotes from config (#88)
* builder: use correct secret when fetching token (#87)
* packit: Push directly to dist-git (#84)
Contributions from: Christian Kellner, Ond��ej Budai, Simon Steinbeiss, Stephen Coady,
dependabot[bot]
��� Somewhere on the Internet, 2022-03-28
--------------------------------------------------------------------------------
================================================================================
libre-2.2.0-1.fc35 (FEDORA-2022-f5e7b32c4f)
Library for real-time communications and SIP stack
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter
buffer) - test: init fixture - test: refactoring of
`test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present
- menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu:
avoid multiple hash entries with same key - menu: support audio file config
value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28)
- tls: fix coverity defect - http/client: `read_file` check `ftell` return
value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM`
- Fix coverity issues - Support adding CRLs - json/decode: fix possible out
of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp:
fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer
for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` -
shim: new module from rew - Trice module - retest trice - Add `try_into`
conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning
on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable
C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a
utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()`
return value - sa_pton: use `sa_addrinfo` for interface suffix
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Robert Scheck <robert(a)fedoraproject.org> 2.2.0-1
- Upgrade to 2.2.0 (#2069304)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068919
[ 2 ] Bug #2069304 - libre-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2069304
[ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip
https://bugzilla.redhat.com/show_bug.cgi?id=2069437
--------------------------------------------------------------------------------
================================================================================
librem-2.0.0-2.fc35 (FEDORA-2022-f5e7b32c4f)
Library for real-time audio and video processing
--------------------------------------------------------------------------------
Update Information:
# Baresip 2.0.1 (2022-03-27) - audio: fix `rx_thread` (adaptive jitter
buffer) - test: init fixture - test: refactoring of
`test_account_uri_complete` - mk: check also if `extensions/XShm.h` is present
- menu: support custom SIP headers - menu: use new `sdp_dir_decode` - menu:
avoid multiple hash entries with same key - menu: support audio file config
value "none" - intercom: add video preview call # libre v2.2.0 (2022-03-28)
- tls: fix coverity defect - http/client: `read_file` check `ftell` return
value - udp: fix coverity defect - cmake: add detection of `HAVE_ARC4RANDOM`
- Fix coverity issues - Support adding CRLs - json/decode: fix possible out
of bound access, if code changes - tls/tls_add_crlpem: use `const` - udp:
fix coverity defect - dns: fix Coverity Defect - tls: use `const` pointer
for `tls_add_capem()` - srtp/srtcp: add sanity check for `rtcp->tag_len` -
shim: new module from rew - Trice module - retest trice - Add `try_into`
conversion helper and drop gcc 4.8 support - rtp: fix signed/unsigned warning
on WIN32 - fix build error on openbsd arm64 (raspberry pi) - cmake: disable
C extensions (like `make`) - fmt: add bool decode from `struct pl` - sdp: a
utility function for decoding SDP direction - sa/sa_ntop: check `inet_ntop()`
return value - sa_pton: use `sa_addrinfo` for interface suffix
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Robert Scheck <robert(a)fedoraproject.org> 2.0.0-2
- Rebuilt for libre 2.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068919 - baresip-2.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068919
[ 2 ] Bug #2069304 - libre-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2069304
[ 3 ] Bug #2069437 - F35FailsToInstall: Multiple packages built from baresip
https://bugzilla.redhat.com/show_bug.cgi?id=2069437
--------------------------------------------------------------------------------
================================================================================
libx86emu-3.5-1.fc35 (FEDORA-2022-958a6ebeba)
x86 emulation library
--------------------------------------------------------------------------------
Update Information:
Update to 3.5
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Andrey Ponomarenko <andrewponomarenko(a)yandex.ru> - 3.5-1
- Update to 3.5
--------------------------------------------------------------------------------
================================================================================
mingw-fribidi-1.0.10-5.fc35 (FEDORA-2022-8c2af4ba24)
MinGW Windows fribidi library
--------------------------------------------------------------------------------
Update Information:
Backport patches for CVE-2022-{25308,25309,25310}.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 1.0.10-5
- Backport patches for CVE-2022-25310, CVE-2022-25309, CVE-2022-25308
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2067040 - CVE-2022-25308 mingw-fribidi: fribidi: Stack based buffer overflow
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2067040
[ 2 ] Bug #2067042 - CVE-2022-25309 mingw-fribidi: fribidi: Heap-buffer-overflow in
fribidi_cap_rtl_to_unicode [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2067042
[ 3 ] Bug #2067046 - CVE-2022-25310 mingw-fribidi: fribidi: SEGV in
fribidi_remove_bidi_marks [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2067046
--------------------------------------------------------------------------------
================================================================================
mingw-gdal-3.3.3-3.fc35 (FEDORA-2022-e85e37206b)
MinGW Windows GDAL library
--------------------------------------------------------------------------------
Update Information:
Update to gdal-3.3.3 and python-3.10.4.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 4 2022 Sandro Mani <manisandro(a)gmail.com> - 3.3.3-4
- Backport patch for CVE-2021-45943
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049069
[ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049070
--------------------------------------------------------------------------------
================================================================================
mingw-openexr-3.1.4-1.fc35 (FEDORA-2022-f2e0d16c90)
MinGW Windows openexr library
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2021-45942.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2022 Sandro Mani <manisandro(a)gmail.com> - 3.1.4-1
- Update to 3.1.4
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.1.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2051598 - CVE-2021-45942 mingw-openexr: OpenEXR: heap-based buffer overflow
in Imf_3_1:LineCompositeTask:execute [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2051598
--------------------------------------------------------------------------------
================================================================================
mingw-openjpeg2-2.4.0-5.fc35 (FEDORA-2022-9515529c96)
MinGW Windows openjpeg2 library
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2022-1122.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 2.4.0-5
- Backport fix for CVE-2022-1122
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2069370 - CVE-2022-1122 mingw-openjpeg2: openjpeg: segmentation fault in
opj2_decompress due to uninitialized pointer [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2069370
[ 2 ] Bug #2069371 - CVE-2022-1122 openjpeg2: openjpeg: segmentation fault in
opj2_decompress due to uninitialized pointer [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2069371
--------------------------------------------------------------------------------
================================================================================
mingw-python-pillow-8.3.2-3.fc35 (FEDORA-2022-64332f2a7c)
MinGW Windows Python pillow library
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2022-24303.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 8.3.2-3
- Backport fix for CVE-2022-24303
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2052683 - CVE-2022-24303 mingw-python-pillow: python-pillow: temporary
directory with a space character allows removal of unrelated file after im.show() and
related actions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2052683
--------------------------------------------------------------------------------
================================================================================
mingw-python3-3.10.4-1.fc35 (FEDORA-2022-e85e37206b)
MinGW Windows python3
--------------------------------------------------------------------------------
Update Information:
Update to gdal-3.3.3 and python-3.10.4.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.4-1
- Update to 3.10.4
* Fri Mar 25 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.3-2
- Rebuild with mingw-gcc-12
* Sun Mar 20 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.3-1
- Update to 3.10.3
* Mon Feb 28 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-14
- Re-add wrapper scripts under mingw host bin dir
* Sun Feb 27 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-13
- Require python%{py_ver} rather than python(abi) = %{py_ver}
* Wed Feb 23 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-12
- Rework macros
* Thu Feb 17 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-11
- Rebuild (openssl)
* Fri Feb 11 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-10
- Override runtime_library_dir_option in distutils Mingw32Compiler to prevent
unsupported -Wl,--enable-new-dtags getting added to ldflags
* Thu Feb 10 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-9
- Rebuild for new python dependency generator (take two)
* Thu Feb 10 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-8
- Bump release
* Thu Feb 10 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-7
- Add missing dependency generator namespace for provides
* Thu Feb 10 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-6
- Rebuild for new python dependency generator
* Thu Feb 10 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-5
- Install dependency generators
* Sat Jan 22 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-4
- Also set CFLAGS/CXX/CXXFLAGS/LDFLAGS in mingw-python wrappers
* Fri Jan 21 2022 Tom Stellard <tstellar(a)redhat.com> - 3.10.2-3
- Build fix for
https://fedoraproject.org/wiki/Changes/SetBuildFlagsBuildCheck
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.10.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 18 2022 Sandro Mani <manisandro(a)gmail.com> - 3.10.2-1
- Update to 3.10.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2049069 - CVE-2021-45943 gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049069
[ 2 ] Bug #2049070 - CVE-2021-45943 mingw-gdal: gdal: heap-based buffer overflow in
PCIDSK::CPCIDSKFile::ReadFromFile [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2049070
--------------------------------------------------------------------------------
================================================================================
moolticute-0.55.0-1.fc35 (FEDORA-2022-0ae7ce75f7)
Companion GUI application for Mooltipass password manager devices
--------------------------------------------------------------------------------
Update Information:
**Changelog** All: * fix gnome on wayland crash * smaller window
for small resolution screens * bug fix: mc-agent executable correct path
* bug fix: Fix crash during service name change * better focus assist
detection * simpler key combination for secret tabs on mac (ctrl+f1/f2/f3)
* bug fix: Fix delete and rename account to the same name in MMM * Enable to
rename login to empty string in MMM * Prevent changing login name to an
existing one in MMM * Disable export db prompt when there is no monitored
file * Do not save not confirmed changes when exiting MMM * bug fix:
integrity check with orphan children nodes * duplicate service check in MMM
BLE: * automatic bundle file parsing & password recognition * correct
error message when not approving prompts after MMM * prompts for bundle
version for v7
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 27 2022 Arthur Bols <arthur(a)bols.dev> - 0.55.0-1
- Upstream release 0.55.0
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.53.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
netatalk-3.1.13-1.fc35 (FEDORA-2022-6ce2e9d7e9)
Open Source Apple Filing Protocol(AFP) File Server
--------------------------------------------------------------------------------
Update Information:
3.1.13 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 22 2022 Andrew Bauer <zonexpertconsulting(a)outlook.com> - 5:3.1.13-1
- 3.1.13 release
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
5:3.1.12-28
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <sahana(a)redhat.com> - 5:3.1.12-27
- Rebuilt with OpenSSL 3.0.0
--------------------------------------------------------------------------------
================================================================================
openjpeg2-2.4.0-5.fc35 (FEDORA-2022-9515529c96)
C-Library for JPEG 2000
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2022-1122.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 2.4.0-10
- Backport fix for CVE-2022-1122
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2069370 - CVE-2022-1122 mingw-openjpeg2: openjpeg: segmentation fault in
opj2_decompress due to uninitialized pointer [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2069370
[ 2 ] Bug #2069371 - CVE-2022-1122 openjpeg2: openjpeg: segmentation fault in
opj2_decompress due to uninitialized pointer [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2069371
--------------------------------------------------------------------------------
================================================================================
php-twig2-2.14.12-1.fc35 (FEDORA-2022-c4b7e8d632)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.14.12** (2022-03-25) * Fix custom escapers when using multiple
Twig environments * Do not reuse internally generated variable names during
parsing
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Remi Collet <remi(a)remirepo.net> - 2.14.12-1
- update to 2.14.12
--------------------------------------------------------------------------------
================================================================================
php-twig3-3.3.9-1.fc35 (FEDORA-2022-08e5338549)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 3.3.9** (2022-03-25) * Fix custom escapers when using multiple Twig
environments * Add support for "constant('class', object)" * Do not
reuse
internally generated variable names during parsing
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Remi Collet <remi(a)remirepo.net> - 3.3.9-1
- update to 3.3.9
--------------------------------------------------------------------------------
================================================================================
plasma-wallpapers-dynamic-4.0.0~git20220328.d37f412-1.fc35 (FEDORA-2022-9d156dfa0b)
Dynamic wallpaper plugin for KDE Plasma
--------------------------------------------------------------------------------
Update Information:
Bump snapshot, fixes a crash when creating a preview ---- Initial package for
Fedora
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 I��aki ��car <iucar(a)fedoraproject.org> -
4.0.0~git20220328.d37f412-1
- Bump snapshot, fixes a crash when creating a preview
* Sun Mar 27 2022 Neal Gompa <ngompa(a)fedoraproject.org> -
4.0.0~git20220327.ca7b129-1
- Bump to snapshot version using AVIF instead HEIF
- Modernize spec
- Add checks for appstream metainfo and desktop files
* Wed Feb 9 2022 RPM Fusion Release Engineering <sergiomb(a)rpmfusion.org> - 3.3.9-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Aug 3 2021 RPM Fusion Release Engineering <leigh123linux(a)gmail.com> -
3.3.9-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sat Jun 5 2021 I��aki ��car <iucar(a)fedoraproject.org> - 3.3.9-1
- Update to v3.3.9
* Sat Nov 14 2020 I��aki ��car <iucar(a)fedoraproject.org> - 3.3.5-1
- Initial packaging for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068907 - Review Request: plasma-wallpapers-dynamic - Dynamic wallpaper
plugin for KDE Plasma
https://bugzilla.redhat.com/show_bug.cgi?id=2068907
--------------------------------------------------------------------------------
================================================================================
python-ast-monitor-0.1.2-1.fc35 (FEDORA-2022-44cee83c3f)
AST-Monitor is a wearable Raspberry Pi computer for cyclists
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 1 2022 Iztok Fister Jr. <iztokf AT fedoraproject DOT org> - 0.1.2-1
- Initial package
--------------------------------------------------------------------------------
================================================================================
python-kiwisolver-1.4.1-1.fc35 (FEDORA-2022-07ae69445e)
A fast implementation of the Cassowary constraint solver
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> 1.4.1-1
- Update to latest version (#2068926)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068926 - python-kiwisolver-1.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068926
--------------------------------------------------------------------------------
================================================================================
python-myrepos-utils-0.0.1.1-1.fc35 (FEDORA-2022-2459a2dbb6)
Additional utilities for myrepos
--------------------------------------------------------------------------------
Update Information:
Initial Fedora release of myrepos-utils
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Michel Alexandre Salim <salimma(a)fedoraproject.org> 0.0.1.1-1
- Initial Fedora package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068623 - Review Request: python-myrepos-utils - Additional utilities for
myrepos
https://bugzilla.redhat.com/show_bug.cgi?id=2068623
--------------------------------------------------------------------------------
================================================================================
python-pillow-8.3.2-3.fc35 (FEDORA-2022-64332f2a7c)
Python image processing library
--------------------------------------------------------------------------------
Update Information:
Backport fix for CVE-2022-24303.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Sandro Mani <manisandro(a)gmail.com> - 8.3.2-3
- Backport patch for CVE-2022-24303
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2052683 - CVE-2022-24303 mingw-python-pillow: python-pillow: temporary
directory with a space character allows removal of unrelated file after im.show() and
related actions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2052683
--------------------------------------------------------------------------------
================================================================================
remmina-1.4.25-2.fc35 (FEDORA-2022-91a639cd39)
Remote Desktop Client
--------------------------------------------------------------------------------
Update Information:
Bugfix release. - Add patch: 0001_vnc_close_all_close_git_55e2324a.patch - Add
patch: 0002_rdp_possible_segv_git_3620efda.patch
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Phil Wyett <philip.wyett(a)kathenas.org> - 1.4.25-2
- Add patch: 0001_vnc_close_all_close_git_55e2324a.patch
- Add patch: 0002_rdp_possible_segv_git_3620efda.patch
--------------------------------------------------------------------------------
================================================================================
rust-1.59.0-4.fc35 (FEDORA-2022-3d2814b672)
The Rust Programming Language
--------------------------------------------------------------------------------
Update Information:
Fix wasm32-wasi's static archives.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 25 2022 Josh Stone <jistone(a)redhat.com> - 1.59.0-4
- Fix the archive index for wasm32-wasi's libc.a
* Fri Mar 4 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1.59.0-3
- Rebuild against the bootstrapped build
* Fri Mar 4 2022 Stephen Gallagher <sgallagh(a)redhat.com> - 1.59.0-2.1
- Bootstrapping for Fedora ELN
--------------------------------------------------------------------------------
================================================================================
rust-zram-generator-1.1.2-1.fc35 (FEDORA-2022-95003a8fd5)
Systemd unit generator for zram swap devices
--------------------------------------------------------------------------------
Update Information:
Minor bugfix update for the linked bug.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 1.1.2-1
- Version 1.1.2
* Mon Mar 28 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 1.1.1-4
- Use correct path in Recommends (rhbz#2068983)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2037392 - zram generaor with writeback device - permission denied
https://bugzilla.redhat.com/show_bug.cgi?id=2037392
[ 2 ] Bug #2069090 - rust-zram-generator-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2069090
--------------------------------------------------------------------------------
================================================================================
salt-3004.1-1.fc35 (FEDORA-2022-cdb12b5027)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Update to CVE release 3004.1-1 for Python 3
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Salt Project Packaging <saltproject-packaging(a)vmware.com> -
3004.1-1
- Update to CVE release 3004.1-1 for Python 3
* Tue Oct 19 2021 Salt Project Packaging <saltproject-packaging(a)vmware.com> -
3004-1
- Update to feature release 3004-1 for Python 3
--------------------------------------------------------------------------------
================================================================================
sdl-telnet-1.0.0-5.20220328gite0e2a91.fc35 (FEDORA-2022-e27536ed81)
Simple RFC-compliant TELNET implementation for SDL-Hercules-390
--------------------------------------------------------------------------------
Update Information:
Update summary and description to make it clear this is a fork
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 28 2022 Davide Cavalca <dcavalca(a)fedoraproject.org> -
1.0.0-5.20220328gite0e2a91
- Update summary and description to make it clear this is a fork
- Update to e0e2a91 git snapshot
- Drop f32 logic and tidy up the specfile
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.0.0-4.20210321git2aca101
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
solaar-1.1.2-1.fc35 (FEDORA-2022-4f397f8544)
Device manager for a wide range of Logitech devices
--------------------------------------------------------------------------------
Update Information:
# 1.1.2 * Update documentation on supported devices and translations * Include
evdev as a dependency * Try to use uinput for fake input if XTest extension not
available * Add Nano receiver C542 for M190 mice * Broaden range of HID++
Bluetooth devices * Add setting to divert gestures * Rule editor can edit all
rule components * Configuation via solaar config takes effect in Solaar UI if it
is running * Add setting to disable Onboard Profiles and decouple from Polling
Rate setting * Add setting for PERSISTENT_REMAPPABLE_ACTION, common keyboard and
mouse cases only * Split Test rule condition into Test and TestBytes and support
in rule editor * Fix bug in speed-change setting * Support Backlight3 feature *
Ensure that settings are pushed in resume * Update German, Polish, and zh_CN
translations * Determine device number for direct-connected devices from
protocol * fix bug in add and delete button actions in rule editor * dispose of
no-op notifications quickly * add rule condition for checking device settings *
use local file for conversion from key names to keysyms * get keyboard group and
use to get correct keycodes (X11 only) * improve how rules work under Wayland *
add settings for M-Key LEDs and MR-Key LED * fix bug in unpacking M and MR key
notification * add G815 keyboard and MX518 mouse * add new special keys for
recent keyboards * track M and MR keys for use in rules * make sure that device
is online when searching for devices in solaar show * don't check for device
kind in dpi sliding setting * fix problem with devices that report 0 DPI *
handle missing divert-setting in action RW for settings * add id property
(unitId or serial) and don't use ? for unknown serial * fix contains for
NamedInts and eliminate use of has_element * check for xtest and disable
modifier checking if not available * improve determination of gesture
information * add Set rules to rule GUI * add gesture params to Set rules * hide
system tray when there are no devices to control * add G733 headset, G9 mouse,
G502 Hero mouse * Use greyscale solaar icon in tray when using symbolic icons *
Fix bugs in solaar config * Use classes for settings to hep with modularity *
Accept '~' and Toggle for toggling boolean settings in cli and rules * handle
errors when writing to devices * refactor config_panel.py to use classes for
widgets * add rules action to set Solaar settings * decrease amount of logging
at each debug level * don't stretch toggles in settings * use key structure for
key remapping setting * optimize ReprogrammableKey implementation * keep track
of settings that are absent from device * add G512 keyboard and G402 mouse *
reformat descriptors.py * use feature numbers for reprogrammable key versions *
don't use new_from_icon_set in menu as it is deprecated
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 27 2022 Dominik Mierzejewski <rpm(a)greysector.net> - 1.1.2-1
- update to 1.1.2 (#2068769)
- patch to lower evdev version requirement
- add explicit build dependency on setuptools
- sort build dependencies
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2068769 - solaar-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2068769
--------------------------------------------------------------------------------
================================================================================
twinkle-1.10.3-1.git15ece11.fc35 (FEDORA-2022-37c6c361b2)
SIP-based VoIP client
--------------------------------------------------------------------------------
Update Information:
Update to latest snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2022 Sandro Mani <manisandro(a)gmail.com> - 1.10.3-1.git15ece11
- Update to git 15ece11
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.10.2-12.git2301b66
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
wayland-1.20.0-4.fc35 (FEDORA-2022-ca717e6f35)
Wayland Compositor Infrastructure
--------------------------------------------------------------------------------
Update Information:
Close file descriptors not needed
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 21 2022 Olivier Fourdan <ofourdan(a)redhat.com> - 1.20.0-4
- Close file descriptors not needed
rhbz#2062030
* Sat Jan 22 2022 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.20.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sat Jan 8 2022 Miro Hron��ok <mhroncok(a)redhat.com> - 1.20.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Changes/LIBFFI34
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2062030 - Xwayland fails with "wl_display@1: error 1: invalid arguments
for wl_shm(a)6.create_pool"
https://bugzilla.redhat.com/show_bug.cgi?id=2062030
--------------------------------------------------------------------------------