The following Fedora 31 Security updates need testing:
Age URL
43 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c5ec22e14f libuv-1.39.0-1.fc31 nodejs-12.18.4-1.fc31
8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd freetype-2.10.0-4.fc31
5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-01dc2bc62c fastd-21-1.fc31
3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-15a1bde727 kata-ksm-throttler-1.11.1-1.fc31.1
3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-61fcf3ffc7 kata-osbuilder-1.11.1-1.fc31.1
3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-193da8cf44 arpwatch-2.1a15-48.fc31
3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1af9cd8c87 kata-shim-1.11.1-1.fc31.1
2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d1ce381889 pngcheck-2.3.0-3.fc31
2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8aca25b5c8 chromium-86.0.4240.111-1.fc31
2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-53df1c05be community-mysql-8.0.22-1.fc31
2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e083225fa1 blueman-2.1.4-1.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-42b44971a1 xen-4.12.3-7.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-09e4d062fe kernel-5.8.17-100.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3 thunderbird-78.4.0-1.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b0ea9e2d33 mariadb-10.3.25-1.fc31
0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-bf266424ea wordpress-5.5.2-1.fc31
The following Fedora 31 Critical Path updates have yet to be approved:
Age URL
80 https://bodhi.fedoraproject.org/updates/FEDORA-2020-72bc7df001 libunwind-1.3.1-7.fc31
10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d979670533 pcre-8.44-2.fc31
10 https://bodhi.fedoraproject.org/updates/FEDORA-2020-595197a38d ceph-14.2.12-1.fc31
8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-747b6fb156 linux-firmware-20201022-113.fc31
8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b35849edd freetype-2.10.0-4.fc31
8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-517bc29c3f vim-8.2.1885-1.fc31
4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-df2ee7a68b nfs-utils-2.5.2-0.fc31
3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-43eb9f7d6a pcre2-10.35-8.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-09e4d062fe kernel-5.8.17-100.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-42b44971a1 xen-4.12.3-7.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1da8aa9dd3 thunderbird-78.4.0-1.fc31
1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-eeb0523bd0 mtools-4.0.25-1.fc31
0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c635688f4e libbluray-1.2.1-2.fc31
0 https://bodhi.fedoraproject.org/updates/FEDORA-2020-871455fdcf firefox-82.0.2-1.fc31
The following builds have been pushed to Fedora 31 updates-testing
R-generics-0.1.0-1.fc31
R-xfun-0.19-1.fc31
bpytop-1.0.47-1.fc31
elementary-planner-2.5.7-1.fc31
gnome-shell-extension-material-shell-9-1.fc31
libntlm-1.6-1.fc31
libtpms-0.7.4-0.20201031git2452a24dab.fc31
nss-3.58.0-3.fc31
preproc-rpmspec-1.1-1.fc31
psi-plus-1.4.1529-1.fc31
python-freeipa-1.0.7-1.fc31
rpkg-macros-1.0-1.fc31
usrsctp-1.0.0-0.1.20201017gitf4925bd.fc31
Details about builds:
================================================================================
R-generics-0.1.0-1.fc31 (FEDORA-2020-191454e73d)
Common S3 Generics not Provided by Base R Methods Related to Model Fitting
--------------------------------------------------------------------------------
Update Information:
Update to latest version; change to MIT license
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.1.0-1
- Update to latest version (#1893416)
* Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Sat Jun 6 2020 Tom Callaway <spot(a)fedoraproject.org> - 0.0.2-5
- break loop with tibble
- rebuild for R 4
* Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.0.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1893416 - R-generics-0.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1893416
--------------------------------------------------------------------------------
================================================================================
R-xfun-0.19-1.fc31 (FEDORA-2020-f496341e20)
Miscellaneous Functions by 'Yihui Xie'
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.19-1
- Update to latest version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1893376 - R-xfun-0.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1893376
--------------------------------------------------------------------------------
================================================================================
bpytop-1.0.47-1.fc31 (FEDORA-2020-f3671e01a4)
Linux/OSX/FreeBSD resource monitor
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.47-1
- build(update): 1.0.47
* Sun Oct 25 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.45-1
- build(update): 1.0.45
* Mon Oct 19 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 1.0.44-1
- build(update): 1.0.44
--------------------------------------------------------------------------------
================================================================================
elementary-planner-2.5.7-1.fc31 (FEDORA-2020-5556ac4f0d)
Task manager with Todoist support designed for GNU/Linux
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 27 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 2.5.7-1
- build(update): 2.5.7
--------------------------------------------------------------------------------
================================================================================
gnome-shell-extension-material-shell-9-1.fc31 (FEDORA-2020-fe7587c19a)
Modern desktop interface for Linux
--------------------------------------------------------------------------------
Update Information:
Update to 9
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Artem Polishchuk <ego.cordatus(a)gmail.com> - 9-1
- build(update): 9
--------------------------------------------------------------------------------
================================================================================
libntlm-1.6-1.fc31 (FEDORA-2020-bf41fcdeba)
NTLMv1 authentication library
--------------------------------------------------------------------------------
Update Information:
Update to security fix 1.6 version. Fixes CVE-2019-17455
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Kevin Fenzi <kevin(a)scrye.com> - 1.6-1
- Update to 1.6. Fixes CVE-2019-17455
* Sat Aug 1 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-4
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1768464 - CVE-2019-17455 libntlm: stack-based buffer overflow in buildSmbNtlmAuthRequest in smbutil.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1768464
[ 2 ] Bug #1825591 - libntlm-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1825591
--------------------------------------------------------------------------------
================================================================================
libtpms-0.7.4-0.20201031git2452a24dab.fc31 (FEDORA-2020-477b00a4d8)
Library providing Trusted Platform Module (TPM) functionality
--------------------------------------------------------------------------------
Update Information:
Follow stable-0.7.0 branch to v0.7.4 with security-related fixes
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Stefan Berger <stefanb(a)linux.ibm.com> - 0.7.4-0.20201031git2452a24dab
- Follow stable-0.7.0 branch to v0.7.4 with security-related fixes
--------------------------------------------------------------------------------
================================================================================
nss-3.58.0-3.fc31 (FEDORA-2020-a857113c7a)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Updates the nss package to upstream NSS 3.58 respectively. For details about
new functionality and a list of bugs fixed in this release please see the
upstream release notes - https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 26 2020 Daiki Ueno <dueno(a)redhat.com> - 3.58.0-3
- Revert the last change, always tolerate the first CCS in TLS 1.3
* Thu Oct 22 2020 Daiki Ueno <dueno(a)redhat.com> - 3.58.0-2
- Enable TLS 1.3 middlebox compatibility mode by default
* Tue Oct 20 2020 Daiki Ueno <dueno(a)redhat.com> - 3.58.0-1
- Update to NSS 3.58
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1887319 - CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack
https://bugzilla.redhat.com/show_bug.cgi?id=1887319
--------------------------------------------------------------------------------
================================================================================
preproc-rpmspec-1.1-1.fc31 (FEDORA-2020-8bb01ea70a)
Minimalistic tool for rpm spec-file preprocessing
--------------------------------------------------------------------------------
Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update
allowed per https://pagure.io/fesco/issue/2488. preproc-rpmspec was only
changed to require rpkg-macros >= 1.0. More significant changes are in rpkg-
macros: - fix version check in git_pack - rpm-git-tag-sort is also required
during build for tests - add man pages for rpkg-macros, redirect there from
MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in
git_merged_tag_refs - fix version parsing from the latest tag, package name may
contain dashes! - implement support for multiple Sources at once - use rpm-
git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules -
fix git_head for detached head state - in git_bumped_version, lead must be
numeric and greater than zero to output follow as zero + small code tweak in
git_version_generic - remove now unused git_bumped_release, set "" as default
for lead in git_bumped_version - make lead="" the only special case, otherwise
lead is lead - unify code and params for git_release and git_version - code
cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 8 2020 Michal Novotn�� <michal.novotny(a)comprimato.com> 1.1-1
- set lead to empty
* Mon Oct 5 2020 Michal Novotn�� <michal.novotny(a)comprimato.com> 1.0-1
- Require rpkg-macros >= 1.0
--------------------------------------------------------------------------------
================================================================================
psi-plus-1.4.1529-1.fc31 (FEDORA-2020-4a4fd39b9e)
Jabber client based on Qt
--------------------------------------------------------------------------------
Update Information:
Updated to version 1.4.1529.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 31 2020 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1:1.4.1529-1
- Updated to version 1.4.1529.
* Sat Oct 31 2020 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1:1.4.1526-1
- Updated to version 1.4.1526.
* Fri Oct 30 2020 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1:1.4.1523-1
- Updated to version 1.4.1523.
--------------------------------------------------------------------------------
================================================================================
python-freeipa-1.0.7-1.fc31 (FEDORA-2020-b7b6d2bb9d)
Lightweight FreeIPA client
--------------------------------------------------------------------------------
Update Information:
Bugfix update to 1.0.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 30 2020 Neal Gompa <ngompa13(a)gmail.com> - 1.0.7-1
- Update to 1.0.7 (#1893204)
* Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1893204 - python-freeipa-1.0.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1893204
--------------------------------------------------------------------------------
================================================================================
rpkg-macros-1.0-1.fc31 (FEDORA-2020-8bb01ea70a)
Set of preproc macros for rpkg utility
--------------------------------------------------------------------------------
Update Information:
New major versions of rpkg-macros (1.0) and preproc-rpmspec (1.1). Update
allowed per https://pagure.io/fesco/issue/2488. preproc-rpmspec was only
changed to require rpkg-macros >= 1.0. More significant changes are in rpkg-
macros: - fix version check in git_pack - rpm-git-tag-sort is also required
during build for tests - add man pages for rpkg-macros, redirect there from
MACRO REFERENCE in man rpkg - fix parameter order for rpm-git-tag-sort in
git_merged_tag_refs - fix version parsing from the latest tag, package name may
contain dashes! - implement support for multiple Sources at once - use rpm-
git-tag-sort for tag sorting & filtering in git_merged_tag_refs submodules -
fix git_head for detached head state - in git_bumped_version, lead must be
numeric and greater than zero to output follow as zero + small code tweak in
git_version_generic - remove now unused git_bumped_release, set "" as default
for lead in git_bumped_version - make lead="" the only special case, otherwise
lead is lead - unify code and params for git_release and git_version - code
cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 5 2020 clime <clime(a)fedoraproject.org> 1.0-1
- fix version check in git_pack
- rpm-git-tag-sort is also required during build for tests
- add man pages for rpkg-macros, redirect there from MACRO REFERENCE
in man rpkg
- fix parameter order for rpm-git-tag-sort in git_merged_tag_refs
- fix version parsing from the latest tag, package name may contain
dashes!
- implement support for multiple Sources at once
- use rpm-git-tag-sort for tag sorting & filtering in git_merged_tag_refs
submodules
- fix git_head for detached head state
- in git_bumped_version, lead must be numeric and greater than zero to output
follow as zero + small code tweak in git_version_generic
- remove now unused git_bumped_release, set "" as default for lead in
git_bumped_version
- make lead="" the only special case, otherwise lead is lead
- unify code and params for git_release and git_version
- code cleanup
--------------------------------------------------------------------------------
================================================================================
usrsctp-1.0.0-0.1.20201017gitf4925bd.fc31 (FEDORA-2020-4a4fd39b9e)
Portable SCTP userland stack
--------------------------------------------------------------------------------
Update Information:
Updated to version 1.4.1529.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------