The following Fedora 32 Security updates need testing:
Age URL
103
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4c8458e373
containernetworking-plugins-0.9.1-1.fc32
99
https://bodhi.fedoraproject.org/updates/FEDORA-2021-16d1596c42
buildah-1.19.4-1.fc32
15
https://bodhi.fedoraproject.org/updates/FEDORA-2021-158a237d4a bind-9.11.31-1.fc32
bind-dyndb-ldap-11.3-6.fc32 dnsperf-2.3.4-6.fc32
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb
kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-498be8f560
prosody-0.11.9-1.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-6e540b85b9
ceph-14.2.21-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7aa58932f5
composer-1.10.22-1.fc32
2
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5b1dd085c7
wordpress-5.7.2-1.fc32
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-09b10922eb upx-3.96-9.fc32
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f6cbdada86
slapi-nis-0.56.7-1.fc32
The following Fedora 32 Critical Path updates have yet to be approved:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-276b0013e8
gnome-terminal-3.36.3-1.fc32
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-151dc7fd1b
vte291-0.60.4-1.fc32
12
https://bodhi.fedoraproject.org/updates/FEDORA-2021-a2ee549bcb
xorg-x11-drv-nouveau-1.0.17-1.fc32
9
https://bodhi.fedoraproject.org/updates/FEDORA-2021-f438908573
btrfs-progs-5.11.1-1.fc32
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-14d0195ff8
linux-firmware-20210511-120.fc32
7
https://bodhi.fedoraproject.org/updates/FEDORA-2021-0fa36519bb
kernel-5.11.20-100.fc32 kernel-headers-5.11.20-100.fc32 kernel-tools-5.11.20-100.fc32
5
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d58314a3e
libidn2-2.3.1-1.fc32
3
https://bodhi.fedoraproject.org/updates/FEDORA-2021-816eecc358 zstd-1.5.0-1.fc32
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-53ea50793d
libtirpc-1.2.6-4.rc4.fc32
0
https://bodhi.fedoraproject.org/updates/FEDORA-2021-4fa5160678
rpcbind-1.2.6-0.fc32
The following builds have been pushed to Fedora 32 updates-testing
ghostscript-9.54.0-1.fc32
kernel-5.11.22-100.fc32
php-symfony3-3.4.49-1.fc32
realtime-setup-2.2-1.fc32
Details about builds:
================================================================================
ghostscript-9.54.0-1.fc32 (FEDORA-2021-b627b74d6f)
Interpreter for PostScript language & PDF
--------------------------------------------------------------------------------
Update Information:
Update to version 9.54.0 (#1944755)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2021 Richard Lescak rlescak(a)redhat.com - 9.54.0-1
- Update to version 9.54.0 (#1944755)
* Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 9.53.3-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kernel-5.11.22-100.fc32 (FEDORA-2021-0722515c0a)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 5.11.22 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Justin M. Forbes <jforbes(a)fedoraproject.org> [5.11.22-0]
- Fedora 33 and 34 are being rebased to 5.12 (Justin M. Forbes)
--------------------------------------------------------------------------------
================================================================================
php-symfony3-3.4.49-1.fc32 (FEDORA-2021-40e9f8bca8)
Symfony PHP framework (version 3)
--------------------------------------------------------------------------------
Update Information:
**Version 3.4.49** (2021-05-19) * security **CVE-2021-21424** [Security\Core]
Fix user enumeration via response body on invalid credentials (chalasr) ----
**Version 3.4.48** (2021-05-12) * security **CVE-2021-21424**
[Security][Guard] Prevent user enumeration (chalasr)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Remi Collet <remi(a)remirepo.net> - 3.4.49-1
- update to 3.4.49
* Mon May 17 2021 Remi Collet <remi(a)remirepo.net> - 3.4.48-1
- update to 3.4.48
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.47-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1960631 - CVE-2021-21424 php-symfony: user enumeration in authentication
mechanisms [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1960631
--------------------------------------------------------------------------------
================================================================================
realtime-setup-2.2-1.fc32 (FEDORA-2021-cecc0ab757)
Setup RT/low-latency environment details
--------------------------------------------------------------------------------
Update Information:
Fix service file using wrong filename for realtime-entsk task
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 19 2021 Clark Williams <williams(a)redhat.com> - 2.2-1
- Fix realtime-entsk.service using wrong image. Resolves rhbz#1891048
* Fri May 14 2021 Clark Williams <williams(a)redhat.com> - 2.1-4
- Sync RHEL 9 and Fedora versions
* Fri Apr 16 2021 Mohan Boddu <mboddu(a)redhat.com> - 2.1-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------