The following Fedora 30 Security updates need testing: Age URL 28 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69da274284 grub2-2.02-87.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11dddb785b samba-4.10.11-0.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20 git-2.21.1-1.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-533a72fec5 fribidi-1.0.5-5.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-46b6bd2459 libssh-0.9.3-1.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6bf27b45b3 cacti-1.2.8-1.fc30 cacti-spine-1.2.8-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8f27a14efa chromium-79.0.3945.79-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e12bd3a9a xen-4.11.3-2.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1051e10c1e wordpress-5.3.1-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3230b2aae9 spamassassin-3.4.3-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c7b5103d2a unbound-1.9.6-1.fc30 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c4177f74f5 drupal7-l10n_update-2.3-1.fc30 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6abe00cae1 drupal7-webform-4.21-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7938c21723 cyrus-imapd-3.0.13-1.fc30
The following Fedora 30 Critical Path updates have yet to be approved: Age URL 160 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c05e4425d1 dash-0.5.10.2-3.fc30 28 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 21 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ed226e6112 xorg-x11-server-1.20.6-1.fc30 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1c4b3119a7 passwd-0.80-7.fc30 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0d122cc67a dnf-4.2.17-1.fc30 dnf-plugins-core-4.0.12-1.fc30 libcomps-0.1.14-1.fc30 libdnf-0.39.1-1.fc30 microdnf-3.3.0-1.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-decb570505 python-jsonschema-3.2.0-1.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-32a8da0e3a bash-5.0.11-1.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69da274284 grub2-2.02-87.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-b436a3156c gnupg2-2.2.18-2.fc30 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-df017ddeb7 pungi-4.1.41-3.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bd81ed62bf make-4.2.1-14.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20 git-2.21.1-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3454e38e8c supermin-5.1.20-11.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-212afebfaf emacs-26.3-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11dddb785b samba-4.10.11-0.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8bcab526a8 tigervnc-1.10.0-2.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-395944db07 glib-networking-2.60.4-1.fc30 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-11d1e41933 librepo-1.11.1-1.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a84b238e6 libedit-3.1-30.20191211cvs.fc30 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-46b6bd2459 libssh-0.9.3-1.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e12bd3a9a xen-4.11.3-2.fc30 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-daed517e5f vim-8.1.2424-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-888f4b53e8 python3-3.7.5-2.fc30
The following builds have been pushed to Fedora 30 updates-testing
Coin4-4.0.0-4.fc30 cockpit-composer-11-1.fc30 cros-guest-tools-1.0-0.23.20191217gitce9fd9f.fc30 dino-0.0-0.15.20191216.git.11c18cd.fc30 ensmallen-2.10.5-1.fc30 freecad-0.18.4-3.fc30 fusioninventory-agent-2.5.2-1.fc30 gsequencer-2.4.4-0.fc30 htmldoc-1.9.7-1.fc30 ibus-table-1.9.22-1.fc30 libseccomp-2.4.2-2.fc30 libsolv-0.7.10-1.fc30 php-7.3.13-1.fc30 prunerepo-1.17-1.fc30 python-google-auth-1.9.0-2.fc30 python-openshift-0.10.1-3.fc30 ravada-0.5.0-1.fc30 skopeo-0.1.40-2.fc30 xournalpp-1.0.16-7.fc30 xrootd-4.11.1-1.fc30
Details about builds:
================================================================================ Coin4-4.0.0-4.fc30 (FEDORA-2019-3d88bddf00) High-level 3D visualization library -------------------------------------------------------------------------------- Update Information:
Rebuilt freecad back with Coin4 which has GLX removed to hopefully fix running FreeCAD on Wayland. -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 2 2019 Richard Shaw hobbes1069@gmail.com - 4.0.0-4 - Disable building with glx as it causes crashes in FreeCAD on wayland. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1779034 - None https://bugzilla.redhat.com/show_bug.cgi?id=1779034 [ 2 ] Bug #1774705 - None https://bugzilla.redhat.com/show_bug.cgi?id=1774705 [ 3 ] Bug #1773366 - None https://bugzilla.redhat.com/show_bug.cgi?id=1773366 [ 4 ] Bug #1775688 - None https://bugzilla.redhat.com/show_bug.cgi?id=1775688 [ 5 ] Bug #1768480 - [abrt] freecad: cc_glglue_instance(): FreeCAD killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1768480 --------------------------------------------------------------------------------
================================================================================ cockpit-composer-11-1.fc30 (FEDORA-2019-0231e68903) Composer GUI for use with Cockpit -------------------------------------------------------------------------------- Update Information:
- Update translations - Fix tests to work against current Cockpit as non-root ---- - Show depsolve errors on the blueprints page - Add labels for additional output types - Convert more components to PF4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Martin Pitt martin@piware.de - 11-1 - Update translations - Fix tests to work against current Cockpit as non-root * Tue Dec 17 2019 Lars Karlitski lars@karlitski.net - 10-1 - Show depsolve errors on the blueprints page - Add labels for additional output types - Convert more components to PF4 --------------------------------------------------------------------------------
================================================================================ cros-guest-tools-1.0-0.23.20191217gitce9fd9f.fc30 (FEDORA-2019-bf19f64e84) Chromium OS integration meta package -------------------------------------------------------------------------------- Update Information:
Update to lastest upstream -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Jason Montleon jmontleo@redhat.com 1.0-0.23.20191217gitce9fd9f - Update to master ce9fd9f --------------------------------------------------------------------------------
================================================================================ dino-0.0-0.15.20191216.git.11c18cd.fc30 (FEDORA-2019-4a80efc6ff) Modern XMPP ("Jabber") Chat Client using GTK+/Vala -------------------------------------------------------------------------------- Update Information:
Update to [11c18cdf](https://github.com/dino/dino/compare/d194eae6...11c18cdf). -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Randy Barlow bowlofeggs@fedoraproject.org - 0.0-0.15.20191216.git.11c18cdf - Update to 11c18cdf. - https://github.com/dino/dino/compare/d194eae6...11c18cdf --------------------------------------------------------------------------------
================================================================================ ensmallen-2.10.5-1.fc30 (FEDORA-2019-ba3a8f9c79) Header-only C++ library for efficient mathematical optimization -------------------------------------------------------------------------------- Update Information:
Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Ryan Curtin ryan@ratml.org - 2.10.5-1 - Update to latest stable version. --------------------------------------------------------------------------------
================================================================================ freecad-0.18.4-3.fc30 (FEDORA-2019-3d88bddf00) A general purpose 3D CAD modeler -------------------------------------------------------------------------------- Update Information:
Rebuilt freecad back with Coin4 which has GLX removed to hopefully fix running FreeCAD on Wayland. -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Richard Shaw hobbes1069@gmail.com - 1:0.18.4-3 - Rebuilt with Coin4 again which no longer provides a dummy GLX path which causes problems in Wayland. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1779034 - None https://bugzilla.redhat.com/show_bug.cgi?id=1779034 [ 2 ] Bug #1774705 - None https://bugzilla.redhat.com/show_bug.cgi?id=1774705 [ 3 ] Bug #1773366 - None https://bugzilla.redhat.com/show_bug.cgi?id=1773366 [ 4 ] Bug #1775688 - None https://bugzilla.redhat.com/show_bug.cgi?id=1775688 [ 5 ] Bug #1768480 - [abrt] freecad: cc_glglue_instance(): FreeCAD killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1768480 --------------------------------------------------------------------------------
================================================================================ fusioninventory-agent-2.5.2-1.fc30 (FEDORA-2019-8cc2f9f4a0) FusionInventory agent -------------------------------------------------------------------------------- Update Information:
Last upstream release http://fusioninventory.org/2019/12/16/fusioninventory- agent-2.5.2.html -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Johan Cwiklinski <jcwiklinski AT teclib DOT com> - 2.5.2-1 - Last upstream release - Add missing configuration files -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1783984 - fusioninventory-agent-2.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1783984 --------------------------------------------------------------------------------
================================================================================ gsequencer-2.4.4-0.fc30 (FEDORA-2019-75b602a034) Audio processing engine -------------------------------------------------------------------------------- Update Information:
updated Source to point to new minor version directory -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ htmldoc-1.9.7-1.fc30 (FEDORA-2019-e039dfaa30) Converter from HTML into indexed HTML, PostScript, or PDF -------------------------------------------------------------------------------- Update Information:
Update to latest release and include fix for CVE-2019-19630 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Rex Dieter rdieter@fedoraproject.org - 1.9.7-1 - 1.9.7 - fix for CVE-2019-19630 (#1783940) * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1.9.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ibus-table-1.9.22-1.fc30 (FEDORA-2019-e88cd0dcb3) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information:
update to 1.9.22; Add Turkish translation from Weblate, 100% translated -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Mike FABIAN mfabian@redhat.com - 1.9.22-1 - update to 1.9.22 - Add Turkish translation from Weblate, 100% translated - Minor translation fixes in some other languages (Punctuation fixes) --------------------------------------------------------------------------------
================================================================================ libseccomp-2.4.2-2.fc30 (FEDORA-2019-e531f61d41) Enhanced seccomp library -------------------------------------------------------------------------------- Update Information:
Update to 2.4.2 to add support `io_uring_*` syscall functions and fix support for `__SNR_ppol`. -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 16 2019 Neal Gompa ngompa13@gmail.com - 2.4.2-2 - Modernize spec - Backport fix for missing __SNR_ppoll symbol (#1777889) - Refresh patch to build on aarch64 with upstream version * Wed Nov 20 2019 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 2.4.2-1 - New upstream version (#1765314) * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 2.4.1-1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1777889 - error: ���__SNR_ppoll��� undeclared here https://bugzilla.redhat.com/show_bug.cgi?id=1777889 [ 2 ] Bug #1765314 - libseccomp failing due to lack of io_uring_* syscall definitions https://bugzilla.redhat.com/show_bug.cgi?id=1765314 --------------------------------------------------------------------------------
================================================================================ libsolv-0.7.10-1.fc30 (FEDORA-2019-2c34f36434) Package dependency solver -------------------------------------------------------------------------------- Update Information:
Update to 0.7.10 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Igor Gnatenko ignatenkobrain@fedoraproject.org - 0.7.10-1 - Update to 0.7.10 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1775376 - libsolv-0.7.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1775376 --------------------------------------------------------------------------------
================================================================================ php-7.3.13-1.fc30 (FEDORA-2019-437d94e271) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 7.3.13** (19 Dec 2019) **Bcmath:** * Fixed bug php#78878 (Buffer underflow in bc_shift_addsub). (**CVE-2019-11046**). (cmb) **Core:** * Fixed bug php#78862 (link() silently truncates after a null byte on Windows). (**CVE-2019-11044**). (cmb) * Fixed bug php#78863 (DirectoryIterator class silently truncates after a null byte). (**CVE-2019-11045**). (cmb) * Fixed bug php#78943 (mail() may release string with refcount==1 twice). (**CVE-2019-11049**). (cmb) * Fixed bug php#78787 (Segfault with trait overriding inherited private shadow property). (Nikita) * Fixed bug php#78868 (Calling __autoload() with incorrect EG(fake_scope) value). (Antony Dovgal, Dmitry) * Fixed bug php#78296 (is_file fails to detect file). (cmb) **EXIF:** * Fixed bug php#78793 (Use-after-free in exif parsing under memory sanitizer). (**CVE-2019-11050**). (Nikita) * Fixed bug php#78910 (Heap-buffer-overflow READ in exif). (**CVE-2019-11047**). (Nikita) **GD:** * Fixed bug php#78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb) **MBString:** * Upgraded bundled Oniguruma to 6.9.4. (cmb) **OPcache:** * Fixed potential ASLR related invalid opline handler issues. (cmb) * Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice). (Tyson Andre) **PCRE:** * Fixed bug php#78853 (preg_match() may return integer > 1). (cmb) **Standard:** * Fixed bug php#78759 (array_search in $GLOBALS). (Nikita) * Fixed bug php#77638 (var_export'ing certain class instances segfaults). (cmb) * Fixed bug php#78840 (imploding $GLOBALS crashes). (cmb) * Fixed bug php#78833 (Integer overflow in pack causes out-of-bound access). (cmb) * Fixed bug php#78814 (strip_tags allows / in tag name => whitelist bypass). (cmb) -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Remi Collet remi@remirepo.net - 7.3.13-1 - Update to 7.3.13 - http://www.php.net/releases/7_3_13.php --------------------------------------------------------------------------------
================================================================================ prunerepo-1.17-1.fc30 (FEDORA-2019-1bded5f3eb) Remove old packages from rpm-md repository -------------------------------------------------------------------------------- Update Information:
- do not recreate repo if there was no change in data unless --alwayscreaterepo is specified - add builddep on createrepo_c as well - add Builddep on dnf that is no longer present in Builddep chain - optimize createrepo_c - run tests during build - use just --repo instead of --disablerepo= --enablerepo= - Spelling fixes -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 clime michal.novotny@comprimato.com 1.17-1 - fix changelog * Mon Dec 16 2019 clime clime@fedoraproject.org 1.16-1 - deprecate --copr - avoid additional newlines in stderr - skip prunerepo if set(latest_rpms) is empty - Use splitlines instead of split for repoquery parsing - Set skip_if_unavailable=False to not loose the data - Always dump stderr of repoquery (not only in error case) - Drop useless double-quote in --queryformat --------------------------------------------------------------------------------
================================================================================ python-google-auth-1.9.0-2.fc30 (FEDORA-2019-f7bc119576) Google Auth Python Library -------------------------------------------------------------------------------- Update Information:
Upadte to upstream 1.9.0 ---- Update to upstream 1.9.0 ---- Update to upstream 1.8.2 -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 11 2019 Jason Montleon jmontleo@redhat.com - 1:1.9.0-2 - Allow newer cachetools * Wed Dec 11 2019 Jason Montleon jmontleo@redhat.com - 1:1.9.0-1 - Update to 1.9.0 * Wed Dec 11 2019 Fedora Release Monitoring release-monitoring@fedoraproject.org - 1:1.8.2-1 - Update to 1.8.2 (#1779733) --------------------------------------------------------------------------------
================================================================================ python-openshift-0.10.1-3.fc30 (FEDORA-2019-3212ce2354) Python client for the OpenShift API -------------------------------------------------------------------------------- Update Information:
Update to upstream 0.10.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Jason Montleon jmontleo@redhat.com 0.10.1-3 - work around BZ 1759100 * Tue Dec 17 2019 Jason Montleon jmontleo@redhat.com 0.10.1-2 - remove exclude possibly causing problems * Tue Dec 17 2019 Jason Montleon jmontleo@redhat.com 0.10.1-1 - Update to upstream 0.10.1 --------------------------------------------------------------------------------
================================================================================ ravada-0.5.0-1.fc30 (FEDORA-2019-aec8e78183) Remote Virtual Desktops Manager -------------------------------------------------------------------------------- Update Information:
Release 0.5.0 (#1784421) -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Robert-Andr�� Mauchin zebob.m@gmail.com - 0.5.0-1 - Release 0.5.0 (#1784421) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1784421 - None https://bugzilla.redhat.com/show_bug.cgi?id=1784421 --------------------------------------------------------------------------------
================================================================================ skopeo-0.1.40-2.fc30 (FEDORA-2019-c7b3af7794) Inspect Docker images and repositories on registries -------------------------------------------------------------------------------- Update Information:
bump to v0.1.40 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 29 2019 RH Container Bot rhcontainerbot@fedoraproject.org - 1:0.1.40-2 - bump to v0.1.40 - autobuilt be6146b * Tue Aug 6 2019 Lokesh Mandvekar (Bot) lsm5+bot@fedoraproject.org - 1:0.1.39-2.git1cf1e06 - bump to v0.1.39 - autobuilt 1cf1e06 * Fri Aug 2 2019 Lokesh Mandvekar (Bot) lsm5+bot@fedoraproject.org - 1:0.1.38-2.git37f616e - bump to v0.1.38 - autobuilt 37f616e --------------------------------------------------------------------------------
================================================================================ xournalpp-1.0.16-7.fc30 (FEDORA-2019-cb6a443378) Handwriting note-taking software with PDF annotation support -------------------------------------------------------------------------------- Update Information:
New packaged application ---- New packaged application ---- New packaged application -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 16 2019 Luya Tshimbalanga luya@fedoraproject.org - 1.0.16-7 - Remove architecture requirement for plugins and ui * Mon Dec 16 2019 Luya Tshimbalanga luya@fedoraproject.org - 1.0.16-6 - Fix typos * Mon Dec 16 2019 Luya Tshimbalanga luya@fedoraproject.org - 1.0.16-5 - Fix architecture requirement for ui * Wed Dec 11 2019 Luya Tshimbalanga luya@fedoraproject.org - 1.0.16-4 - Review fixes * Wed Dec 11 2019 Luya Tshimbalanga luya@fedoraproject.org - 1.0.16-3 - Add hicolor-icon-theme to requirement - Use desktop file validation - Split xournal data share into subpackages - Review fixes * Sun Nov 17 2019 Luya Tshimbalanga luya@fedoraproject.org 1.0.16-2 - Remove scripts from ui icons directory - Relocate tlh locale directory * Sun Nov 17 2019 Luya Tshimbalanga luya@fedoraproject.org 1.0.16-1 - Release 1.0.16 - Enable cppunit * Sun Nov 10 2019 Luya Tshimbalanga luya@fedoraproject.org 1.0.15-2 - Update spec file based on review - Include appstream data * Sun Nov 10 2019 Luya Tshimbalanga luya@fedoraproject.org 1.0.15-1 - Release 1.0.15 * Tue Aug 13 2019 dfas d.dfas@moens.cc - 1.0.13-2.git7349762 - Release 1.0.13-current * Tue Jun 25 2019 dfas d.dfas@moens.cc - 1.0.13-1.gita7f0275 - Release 1.0.13-current * Fri May 3 2019 Francisco Gonzalez gzmorell@gmail.com - 1.0.10-1 - First attempt at packaging xournalpp. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1771173 - Review Request: xournalpp - Handwriting note-taking software with PDF annotation support https://bugzilla.redhat.com/show_bug.cgi?id=1771173 --------------------------------------------------------------------------------
================================================================================ xrootd-4.11.1-1.fc30 (FEDORA-2019-0e14b1b1be) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
xrootd 4.11.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Dec 17 2019 Mattias Ellert mattias.ellert@physics.uu.se - 1:4.11.1-1 - Update to version 4.11.1 --------------------------------------------------------------------------------