--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-b605768c94
2022-04-30 18:40:14.826096
--------------------------------------------------------------------------------
Name : vim
Product : Fedora 34
Version : 8.2.4804
Release : 1.fc34
URL : http://www.vim.org/
Summary : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.
--------------------------------------------------------------------------------
Update Information:
The newest upstream commit Security fixes for CVE-2022-1381, CVE-2022-1420
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 22 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.4804-1
- patchlevel 4804
* Fri Apr 8 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 2:8.2.4701-2
- fix the upstream testsuite failure due downstream patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2076170 - CVE-2022-1381 vim: global heap buffer overflow in skip_range
https://bugzilla.redhat.com/show_bug.cgi?id=2076170
[ 2 ] Bug #2077734 - CVE-2022-1420 vim: Out-of-range Pointer Offset
https://bugzilla.redhat.com/show_bug.cgi?id=2077734
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-b605768c94' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e4d2af45bc
2022-04-30 18:40:14.826086
--------------------------------------------------------------------------------
Name : python-numexpr
Product : Fedora 34
Version : 2.8.1
Release : 1.fc34
URL : https://github.com/pydata/numexpr
Summary : Fast numerical array expression evaluator for Python and NumPy
Description :
The numexpr package evaluates multiple-operator array expressions many times
faster than NumPy can. It accepts the expression as a string, analyzes it,
rewrites it more efficiently, and compiles it to faster Python code on the
fly. It���s the next best thing to writing the expression in C and compiling it
with a specialized just-in-time (JIT) compiler, i.e. it does not require a
compiler at runtime.
--------------------------------------------------------------------------------
Update Information:
Update to latest stable version. Seems to be mostly changes to packaging and
testing integration, with some minor feature additions.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 22 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 2.8.1-1
- Version 2.8.1 (rhbz#1869949, rhbz#2061435)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1869949 - python-numexpr-3.0.1a5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1869949
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e4d2af45bc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-a821df49a4
2022-04-30 18:40:14.826075
--------------------------------------------------------------------------------
Name : cups-filters
Product : Fedora 34
Version : 1.28.15
Release : 1.fc34
URL : http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups-fil…
Summary : OpenPrinting CUPS filters and backends
Description :
Contains backends, filters, and other software that was
once part of the core CUPS distribution but is no longer maintained by
Apple Inc. In addition it contains additional filters developed
independently of Apple, especially filters for the PDF-centric printing
workflow introduced by OpenPrinting.
--------------------------------------------------------------------------------
Update Information:
1.28.15
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 20 2022 Zdenek Dohnal <zdohnal(a)redhat.com> - 1.28.15-1
- 1.28.15
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-a821df49a4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e83d990541
2022-04-30 18:40:14.826049
--------------------------------------------------------------------------------
Name : nanovna-saver
Product : Fedora 34
Version : 0.4.0
Release : 3.fc34
URL : https://github.com/mihtjel/nanovna-saver
Summary : Tool for reading, displaying and saving data from the NanoVNA
Description :
A multiplatform tool to save Touchstone files from the NanoVNA, sweep
frequency spans in segments to gain more than 101 data points, and
generally display and analyze the resulting data.
--------------------------------------------------------------------------------
Update Information:
This is an update relaxing dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 21 2022 Jaroslav ��karvada <jskarvad(a)redhat.com> - 0.4.0-3
- More relaxed dependencies
Resolves: rhbz#2075865
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2075865 - F34FailsToInstall: nanovna-saver
https://bugzilla.redhat.com/show_bug.cgi?id=2075865
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e83d990541' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-22b85a45cb
2022-04-30 18:40:14.826063
--------------------------------------------------------------------------------
Name : epiphany
Product : Fedora 34
Version : 40.6
Release : 2.fc34
URL : https://wiki.gnome.org/Apps/Web
Summary : Web browser for GNOME
Description :
Epiphany is the web browser for the GNOME desktop. Its goal is to be
simple and easy to use. Epiphany ties together many GNOME components
in order to let you focus on the Web content, instead of the browser
application.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2022-29536
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 21 2022 Michael Catanzaro <mcatanzaro(a)redhat.com> - 1:40.6-2
- Add patch for CVE-2022-29536
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2077324 - CVE-2022-29536 epiphany: a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2077324
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-22b85a45cb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-6b512ae9e5
2022-04-30 18:40:14.825912
--------------------------------------------------------------------------------
Name : gzip
Product : Fedora 34
Version : 1.10
Release : 5.fc34
URL : http://www.gzip.org/
Summary : The GNU data compression program
Description :
The gzip package contains the popular GNU gzip data compression
program. Gzipped files have a .gz extension.
Gzip should be installed on your system, because it is a
very commonly used data compression program.
--------------------------------------------------------------------------------
Update Information:
zgrep applied to a crafted file name with two or more newlines can no longer
overwrite an arbitrary, attacker-selected file. reproducer: $ touch
foo.gz $ echo foo | gzip > "$(printf '|\n;e touch pwned\n#.gz')" $
zgrep foo *.gz (the unfixed version of zgrep creates the file called pwned)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2022 Jakub Martisko <jamartis(a)redhat.com> - 1.10-5
- fix an arbitrary-file-write vulnerability in zgrep
Resolves: CVE-2022-1271
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-6b512ae9e5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-4ef0c377ef
2022-04-30 18:07:28.207610
--------------------------------------------------------------------------------
Name : glibc
Product : Fedora 35
Version : 2.34
Release : 32.fc35
URL : http://www.gnu.org/software/glibc/
Summary : The GNU libc libraries
Description :
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.
--------------------------------------------------------------------------------
Update Information:
This update contains various fixes from the upstream glibc 2.34 release branch.
- misc: Fix rare fortify crash on wchar funcs (BZ #29030) - dlfcn: Do not use
rtld_active () to determine ld.so state (BZ #29078) - x86-64: Optimize load of
all bits set into ZMM register (BZ #28252) - x86-64: Use notl in EVEX strcmp (BZ
#28646) - posix/glob.c: update from gnulib (BZ #25659) - linux: Fix fchmodat
with AT_SYMLINK_NOFOLLOW for 64 bit time_t (BZ #29097)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2022 Carlos O'Donell <carlos(a)redhat.com> - 2.34-32
- Sync with upstream branch release/2.34/master,
commit c66c92181ddbd82306537a608e8c0282587131de:
- posix/glob.c: update from gnulib (BZ#25659)
- linux: Fix fchmodat with AT_SYMLINK_NOFOLLOW for 64 bit time_t (BZ#29097)
* Wed Apr 27 2022 Carlos O'Donell <carlos(a)redhat.com> - 2.34-31
- Sync with upstream branch release/2.34/master,
commit 55640ed3fde48360a8e8083be4843bd2dc7cecfe:
- i386: Regenerate ulps
- linux: Fix missing internal 64 bit time_t stat usage
- x86: Optimize L(less_vec) case in memcmp-evex-movbe.S
- x86: Don't set Prefer_No_AVX512 for processors with AVX512 and AVX-VNNI
- x86-64: Use notl in EVEX strcmp [BZ #28646]
- x86: Shrink memcmp-sse4.S code size
- x86: Double size of ERMS rep_movsb_threshold in dl-cacheinfo.h
- x86: Optimize memmove-vec-unaligned-erms.S
- x86-64: Replace movzx with movzbl
- x86-64: Remove Prefer_AVX2_STRCMP
- x86-64: Improve EVEX strcmp with masked load
- x86: Replace sse2 instructions with avx in memcmp-evex-movbe.S
- x86: Optimize memset-vec-unaligned-erms.S
- x86: Optimize memcmp-evex-movbe.S for frontend behavior and size
- x86: Modify ENTRY in sysdep.h so that p2align can be specified
- x86-64: Optimize load of all bits set into ZMM register [BZ #28252]
- scripts/glibcelf.py: Mark as UNSUPPORTED on Python 3.5 and earlier
- dlfcn: Do not use rtld_active () to determine ld.so state (bug 29078)
- INSTALL: Rephrase -with-default-link documentation
- misc: Fix rare fortify crash on wchar funcs. [BZ 29030]
- Default to --with-default-link=no (bug 25812)
- scripts: Add glibcelf.py module
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-4ef0c377ef' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-c97f809fb2
2022-04-30 18:07:28.207601
--------------------------------------------------------------------------------
Name : pipewire
Product : Fedora 35
Version : 0.3.51
Release : 1.fc35
URL : https://pipewire.org/
Summary : Media Sharing Server
Description :
PipeWire is a multimedia server for Linux and other Unix like operating
systems.
--------------------------------------------------------------------------------
Update Information:
Update version to 0.3.51
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2022 Wim Taymans <wtaymans(a)redhat.com> - 0.3.51-1
- Update version to 0.3.51
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-c97f809fb2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-aec66d228c
2022-04-30 18:07:28.207581
--------------------------------------------------------------------------------
Name : python-numexpr
Product : Fedora 35
Version : 2.8.1
Release : 1.fc35
URL : https://github.com/pydata/numexpr
Summary : Fast numerical array expression evaluator for Python and NumPy
Description :
The numexpr package evaluates multiple-operator array expressions many times
faster than NumPy can. It accepts the expression as a string, analyzes it,
rewrites it more efficiently, and compiles it to faster Python code on the
fly. It���s the next best thing to writing the expression in C and compiling it
with a specialized just-in-time (JIT) compiler, i.e. it does not require a
compiler at runtime.
--------------------------------------------------------------------------------
Update Information:
Update to latest stable version. Seems to be mostly changes to packaging and
testing integration, with some minor feature additions.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 22 2022 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> 2.8.1-1
- Version 2.8.1 (rhbz#1869949, rhbz#2061435)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1869949 - python-numexpr-3.0.1a5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1869949
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-aec66d228c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-5c64120636
2022-04-30 18:07:28.207591
--------------------------------------------------------------------------------
Name : samba
Product : Fedora 35
Version : 4.15.7
Release : 0.fc35
URL : https://www.samba.org
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.15.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 26 2022 Guenther Deschner <gdeschner(a)redhat.com> - 4.15.7-0
- Update to Samba 4.15.7
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-5c64120636' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------