The following Fedora 30 Security updates need testing: Age URL 18 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c870aa8378 tomcat-9.0.31-2.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ab8e7463ab squid-4.10-3.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f625c5ea8 glibc-2.29-29.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c05b223cf kernel-5.5.13-100.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b07ff2526 telnet-0.17-77.fc30
The following Fedora 30 Critical Path updates have yet to be approved: Age URL 265 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c05e4425d1 dash-0.5.10.2-3.fc30 28 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f13060e7a5 vim-8.2.348-1.fc30 27 https://bodhi.fedoraproject.org/updates/FEDORA-2020-36282d2a6d cups-2.2.12-6.fc30 18 https://bodhi.fedoraproject.org/updates/FEDORA-2020-fffba1c2dd python3-3.7.7-1.fc30 python3-docs-3.7.7-1.fc30 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-036fae08b5 gcc-9.3.1-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-cde9529d3d selinux-policy-3.14.3-57.fc30 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c345af20c3 gdisk-1.0.5-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-057d9bbb8a fedora-repos-30-3 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6c16509e84 python-productmd-1.25-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b6287eafe3 dnsmasq-2.80-13.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f625c5ea8 glibc-2.29-29.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e0b52ac07d osinfo-db-20200325-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b35b5c6e48 breeze-icon-theme-5.68.0-1.fc30 extra-cmake-modules-5.68.0-1.fc30 kf5-5.68.0-1.fc30 kf5-attica-5.68.0-1.fc30 kf5-baloo-5.68.0-1.fc30 kf5-bluez-qt-5.68.0-1.fc30 kf5-frameworkintegration-5.68.0-1.fc30 kf5-kactivities-5.68.0-1.fc30 kf5-kactivities-stats-5.68.0-1.fc30 kf5-kapidox-5.68.0-1.fc30 kf5-karchive-5.68.0-1.fc30 kf5-kauth-5.68.0-1.fc30 kf5-kbookmarks-5.68.0-1.fc30 kf5-kcmutils-5.68.0-1.fc30 kf5-kcodecs-5.68.0-1.fc30 kf5-kcompletion-5.68.0-1.fc30 kf5-kconfig-5.68.0-1.fc30 kf5-kconfigwidgets-5.68.0-1.fc30 kf5-kcoreaddons-5.68.0-1.fc30 kf5-kcrash-5.68.0-1.fc30 kf5-kdbusaddons-5.68.0-1.fc30 kf5-kdeclarative-5.68.0-1.fc30 kf5-kded-5.68.0-1.fc30 kf5-kdelibs4support-5.68.0-1.fc30 kf5-kdesignerplugin-5.68.0-1.fc30 kf5-kdesu-5.68.0-1.fc30 kf5-kdewebkit-5.68.0-1.fc30 kf5-kdnssd-5.68.0-1.fc30 kf5-kdoctools-5.68.0-1.fc30 kf5-kemoticons-5.68.0-1.fc30 kf5-kfilemetadata-5.68.0-1.fc30 kf5-kglobalaccel-5.68.0-1.fc30 kf5-kguiad dons-5.68.0-1.fc30 kf5-kholidays-5.68.0-1.fc30 kf5-khtml-5.68.0-1.fc30 kf5-ki18n-5.68.0-1.fc30 kf5-kiconthemes-5.68.0-1.fc30 kf5-kidletime-5.68.0-1.fc30 kf5-kimageformats-5.68.0-1.fc30 kf5-kinit-5.68.0-1.fc30 kf5-kio-5.68.0-1.fc30 kf5-kirigami2-5.68.0-1.fc30 kf5-kitemmodels-5.68.0-1.fc30 kf5-kitemviews-5.68.0-1.fc30 kf5-kjobwidgets-5.68.0-1.fc30 kf5-kjs-5.68.0-1.fc30 kf5-kjsembed-5.68.0-1.fc30 kf5-kmediaplayer-5.68.0-1.fc30 kf5-knewstuff-5.68.0-1.fc30 kf5-knotifications-5.68.0-1.fc30 kf5-knotifyconfig-5.68.0-1.fc30 kf5-kpackage-5.68.0-1.fc30 kf5-kparts-5.68.0-1.fc30 kf5-kpeople-5.68.0-1.fc30 kf5-kplotting-5.68.0-1.fc30 kf5-kpty-5.68.0-2.fc30 kf5-kquickcharts-5.68.0-1.fc30 kf5-kross-5.68.0-1.fc30 kf5-krunner-5.68.0-1.fc30 kf5-kservice-5.68.0-1.fc30 kf5-ktexteditor-5.68.0-1.fc30 kf5-ktextwidgets-5.68.0-1.fc30 kf5-kunitconversion-5.68.0-1.fc30 kf5-kwallet-5.68.0-1.fc30 kf5-kwayland-5.68.0-1.fc30 kf5-kwidgetsaddons-5.68.0-1.fc30 kf5-kwindowsystem-5.68.0-1.fc30 kf5-kxmlgui-5.68.0-1.fc30 kf5-kxmlrpcclient-5.68.0-1.fc30 kf5-modemmanager-qt-5.68.0-1.fc30 kf5-networkmanager-qt-5.68.0-1.fc30 kf5-plasma-5.68.0-1.fc30 kf5-prison-5.68.0-1.fc30 kf5-purpose-5.68.0-1.fc30 kf5-solid-5.68.0-1.fc30 kf5-sonnet-5.68.0-1.fc30 kf5-syndication-5.68.0-1.fc30 kf5-syntax-highlighting-5.68.0-1.fc30 kf5-threadweaver-5.68.0-1.fc30 oxygen-icon-theme-5.68.0-1.fc30 qqc2-desktop-style-5.68.0-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-81515be78b mtools-4.0.24-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1a094b4f91 perl-Encode-3.05-14.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b3edb41afd sudo-1.8.31p1-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9c05b223cf kernel-5.5.13-100.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a1eacf6355 samba-4.10.14-0.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e9c132ec6a boost-1.69.0-9.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-a405066061 libreport-2.12.0-2.fc30
The following builds have been pushed to Fedora 30 updates-testing
arch-install-scripts-23-1.fc30 archlinux-keyring-20200108-1.fc30 cros-guest-tools-1.0-0.30.20200330git61d9c12.fc30 csdiff-1.7.1-1.fc30 easy-rsa-3.0.7-1.fc30 gpxsee-7.27-1.fc30 gsequencer-3.2.4-0.fc30 ibus-typing-booster-2.8.2-1.fc30 pacman-5.2.1-1.fc30 phpunit8-8.5.3-1.fc30 python-luftdaten-0.6.4-1.fc30 python-rpm-macros-3-47.fc30 python-tree-format-0.1.2-9.fc30 python34-3.4.10-4.fc30 rubygem-puma-3.12.4-1.fc30 vertica-python-0.10.3-1.fc30
Details about builds:
================================================================================ arch-install-scripts-23-1.fc30 (FEDORA-2020-8ff878157a) Scripts to bootstrap Arch Linux distribution -------------------------------------------------------------------------------- Update Information:
Latest upstream release. No need to log out or reboot. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 23-1 - Update to latest version (#1717676) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1717676 - arch-install-scripts-23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1717676 --------------------------------------------------------------------------------
================================================================================ archlinux-keyring-20200108-1.fc30 (FEDORA-2020-46bb65fa00) GPG keys used by Arch distribution to sign packages -------------------------------------------------------------------------------- Update Information:
Update to latest version. No need to log out or reboot. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 20200108-1 - New upstream release (#1785315). --------------------------------------------------------------------------------
================================================================================ cros-guest-tools-1.0-0.30.20200330git61d9c12.fc30 (FEDORA-2020-a0ca27238f) Chromium OS integration meta package -------------------------------------------------------------------------------- Update Information:
Update to master git61d9c12 -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ csdiff-1.7.1-1.fc30 (FEDORA-2020-aecd37c5cb) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information:
- update to latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Kamil Dudka kdudka@redhat.com 1.7.1-1 - update to latest upstream release --------------------------------------------------------------------------------
================================================================================ easy-rsa-3.0.7-1.fc30 (FEDORA-2020-2f73b33cdb) Simple shell based CA utility -------------------------------------------------------------------------------- Update Information:
3.0.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Gwyn Ciesla gwync@protonmail.com - 3.0.7-1 - 3.0.7 * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 3.0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ gpxsee-7.27-1.fc30 (FEDORA-2020-95603ac3d3) GPS log file viewer and analyzer -------------------------------------------------------------------------------- Update Information:
**News in version 7.26 (and 7.27):** - Enable simultaneous display of GPS and DEM data - Asynchronous WMS/WMTS map loading (fixes crash on OS X) - Various minor bug fixes -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 30 2020 Nikola Forr�� nforro@redhat.com - 7.27-1 - Update to version 7.27 resolves: #1818511 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1818511 - gpxsee-7.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1818511 --------------------------------------------------------------------------------
================================================================================ gsequencer-3.2.4-0.fc30 (FEDORA-2020-23cf186f6b) Audio processing engine -------------------------------------------------------------------------------- Update Information:
updated Source to point to new minor version directory -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ ibus-typing-booster-2.8.2-1.fc30 (FEDORA-2020-d615f6bca8) A completion input method -------------------------------------------------------------------------------- Update Information:
Update to 2.8.2; translation updates for ar and tr -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Mike FABIAN mfabian@redhat.com - 2.8.2-1 - Update to 2.8.2 - Translation updates from Weblate for ar, tr - Update emoji annotations from CLDR --------------------------------------------------------------------------------
================================================================================ pacman-5.2.1-1.fc30 (FEDORA-2020-096fbcc91f) Package manager for the Arch distribution -------------------------------------------------------------------------------- Update Information:
Update to latest version. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 5.2.1-1 - Update to latest upstream version (#1582967) - Fix arbitrary command injection in download URLs (#1809299, #1809301) * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 5.0.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 5.0.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1582967 - pacman-5.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1582967 [ 2 ] Bug #1809299 - CVE-2019-18182 pacman: allows arbitrary command injection in conf.c in download_with_xfercommand function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1809299 [ 3 ] Bug #1809301 - CVE-2019-18183 pacman: allows arbitrary command injection in lib/libalpm/sync.c in apply_deltas function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1809301 --------------------------------------------------------------------------------
================================================================================ phpunit8-8.5.3-1.fc30 (FEDORA-2020-7fe9fa8949) The PHP Unit Testing framework version 8 -------------------------------------------------------------------------------- Update Information:
**Version 8.5.3** - 2020-03-31 **Fixed** * [#4017](https://github.com/sebastianbergmann/phpunit/issues/4017): Do not suggest refactoring to something that is also deprecated * [#4133](https://github.com/sebastianbergmann/phpunit/issues/4133): `expectExceptionMessageRegExp()` has been removed in PHPUnit 9 without a deprecation warning being given in PHPUnit 8 * [#4139](https://github.com/sebastianbergmann/phpunit/issues/4139): Cannot double interfaces that declare a constructor with PHP 8 * [#4144](https://github.com/sebastianbergmann/phpunit/issues/4144): Empty objects are converted to empty arrays in JSON comparison failure diff -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Remi Collet remi@remirepo.net - 8.5.3-1 - update to 8.5.3 - own /usr/share/php/PHPUnit8/Extensions --------------------------------------------------------------------------------
================================================================================ python-luftdaten-0.6.4-1.fc30 (FEDORA-2020-a9e37f9e05) A Python API wrapper for interacting with luftdaten.info -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release 0.6.4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Fabian Affolter mail@fabian-affolter.ch - 0.6.4.-1 - Update to latest upstream release 0.6.4 * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 0.6.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Oct 3 2019 Miro Hron��ok mhroncok@redhat.com - 0.6.3-3 - Rebuilt for Python 3.8.0rc1 (#1748018) * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 0.6.3-2 - Rebuilt for Python 3.8 --------------------------------------------------------------------------------
================================================================================ python-rpm-macros-3-47.fc30 (FEDORA-2020-947b5f96ac) The unversioned Python RPM macros -------------------------------------------------------------------------------- Update Information:
Update compileall2 module to 0.7.1 (bugfix release) -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Lum��r Balhar lbalhar@redhat.com - 3-47 - Update of bundled compileall2 module to 0.7.1 (bugfix release) --------------------------------------------------------------------------------
================================================================================ python-tree-format-0.1.2-9.fc30 (FEDORA-2020-f7c663695d) Python library to generate nicely formatted trees, like the UNIX tree command -------------------------------------------------------------------------------- Update Information:
Bugfix package version -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 0.1.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Sat Aug 31 2019 Chedi Toueiti chedi.toueiti@gmail.com - 0.1.2-8 - Fixing the package version * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 0.1.2-7 - Rebuilt for Python 3.8 * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 0.1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python34-3.4.10-4.fc30 (FEDORA-2020-0b19858dbb) Version 3.4 of the Python programming language -------------------------------------------------------------------------------- Update Information:
Add missing provides for packages bundled in bundled pip/setuptools -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 30 2020 Tomas Hrnciar thrnciar@redhat.com - 3.4.10-4 - Add missing provides for packages bundled in bundled pip/setuptools (rhbz#1775574) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1775574 - python34: Track all levels of bundled provides https://bugzilla.redhat.com/show_bug.cgi?id=1775574 --------------------------------------------------------------------------------
================================================================================ rubygem-puma-3.12.4-1.fc30 (FEDORA-2020-08092b4c97) A simple, fast, threaded, and highly concurrent HTTP 1.1 server -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2020-5247, CVE-2020-5249 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Jun Aruga jaruga@redhat.com - 3.12.4-1 - Update to Puma 3.12.4. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1816182 - CVE-2020-5249 rubygem-puma: attacker is able to use carriage return character to insert malicious content (HTTP Response Splitting), this could lead to XSS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1816182 [ 2 ] Bug #1816189 - CVE-2020-5247 rubygem-puma: attacker is able to use newline characters to insert malicious content (HTTP Response Splitting), this could lead to XSS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1816189 --------------------------------------------------------------------------------
================================================================================ vertica-python-0.10.3-1.fc30 (FEDORA-2020-0ac197b2af) A native Python adapter for the Vertica database -------------------------------------------------------------------------------- Update Information:
Update to version 0.10.3 -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 31 2020 Jakub Jedelsky jakub.jedelsky@gmail.com - 0.10.3-1 - Update to version 0.10.3 * Fri Jan 31 2020 Fedora Release Engineering releng@fedoraproject.org - 0.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1794393 - vertica-python-0.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1794393 --------------------------------------------------------------------------------