The following Fedora 30 Security updates need testing: Age URL 67 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9254bf8b94 nss-3.49.0-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d18d24c943 thunderbird-68.4.1-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2d9a75fadb xen-4.11.3-3.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-01ed02451f e2fsprogs-1.44.6-2.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6c8804daaa mingw-openjpeg2-2.3.1-5.fc30 openjpeg2-2.3.1-4.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2bed89517f ansible-2.9.3-1.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c32e4b271c glibc-2.29-28.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f9d2203f3b php-7.3.14-1.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ebbf986d01 java-latest-openjdk-13.0.2.8-1.rolling.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-cc26574961 chromium-79.0.3945.130-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f92cd0e72b samba-4.10.13-0.fc30
The following Fedora 30 Critical Path updates have yet to be approved: Age URL 199 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c05e4425d1 dash-0.5.10.2-3.fc30 67 https://bodhi.fedoraproject.org/updates/FEDORA-2019-71b2273a9f libarchive-3.3.3-7.fc30 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-211f579cec ethtool-5.4-1.fc30 12 https://bodhi.fedoraproject.org/updates/FEDORA-2020-dc900549bd appstream-data-30-11.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2d9a75fadb xen-4.11.3-3.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d18d24c943 thunderbird-68.4.1-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e3adf88ba7 grub2-2.02-88.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-1bf28d7626 pcre2-10.34-4.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9254bf8b94 nss-3.49.0-1.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-067347e8f7 tigervnc-1.10.1-2.fc30 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-384545235e selinux-policy-3.14.3-55.fc30 9 https://bodhi.fedoraproject.org/updates/FEDORA-2020-66c974fdb6 dnf-4.2.18-1.fc30 dnf-plugins-core-4.0.13-1.fc30 libdnf-0.43.1-1.fc30 microdnf-3.4.0-1.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-6c8804daaa mingw-openjpeg2-2.3.1-5.fc30 openjpeg2-2.3.1-4.fc30 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-01ed02451f e2fsprogs-1.44.6-2.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-aa758fe515 koji-1.20.0-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d4917dcba7 perl-Exporter-5.74-1.fc30 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-eb5b2d1a60 kdelibs-4.14.38-17.fc30 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-c32e4b271c glibc-2.29-28.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-0daadbc33f kernel-5.4.14-100.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f92cd0e72b samba-4.10.13-0.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-edcabc0f4a ca-certificates-2020.2.40-1.0.fc30 p11-kit-0.23.19-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ad4c8eba34 libsolv-0.7.11-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8c1474367d firefox-72.0.2-1.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-86054a311f linux-firmware-20200122-105.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-e9b85978d4 qt5-qtbase-5.12.5-2.fc30 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-2c2c47b04e highlight-3.54-1.fc30
The following builds have been pushed to Fedora 30 updates-testing
aime-8.20200125-1.fc30 aiodnsbrute-0.3.2-2.fc30 argparse-manpage-1.4-1.fc30 bubblemail-0.4-1.fc30 cjdns-20.5-1.fc30 clamav-unofficial-sigs-7.0-1.fc30 converseen-0.9.8.0-1.fc30 dgit-9.9-1.fc30 duply-2.2.1-1.fc30 ibus-typing-booster-2.7.7-1.fc30 isomaster-1.3.14-1.fc30 mopidy-3.0.1-1.fc30 nagios-plugins-check-updates-1.7.8-2.fc30 pbzip2-1.1.13-1.fc30 python-AWSIoTPythonSDK-1.4.8-2.fc30 python-check-manifest-0.40-2.fc30 python-django-configurations-2.2-2.fc30 python-ipgetter2-1.1.9-1.fc30 python-msldap-0.2.5-2.fc30 python-regex-2020.1.8-1.fc30 rapid-photo-downloader-0.9.17-1.fc30 upx-3.96-1.fc30 xar-1.8.0.417.1-1.fc30
Details about builds:
================================================================================ aime-8.20200125-1.fc30 (FEDORA-2020-8e553eeb89) An application embeddable programming language interpreter -------------------------------------------------------------------------------- Update Information:
- Updated to 8.20200125 fixes rhbz#1749471 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Filipe Rosset rosset.filipe@gmail.com - 8.20200125-1 - Updated to 8.20200125 fixes rhbz#1749471 * Thu Aug 22 2019 Filipe Rosset rosset.filipe@gmail.com - 8.20190821-1 - Updated to 8.20190821 fixes rhbz#1744389 * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 8.20190626-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1749471 - aime-8.20200125 is available https://bugzilla.redhat.com/show_bug.cgi?id=1749471 --------------------------------------------------------------------------------
================================================================================ aiodnsbrute-0.3.2-2.fc30 (FEDORA-2020-6af5c68565) DNS asynchronous brute force utility -------------------------------------------------------------------------------- Update Information:
Fix requirement (rhbz#1762675) -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Fabian Affolter mail@fabian-affolter.ch - 0.3.2-2 - Fix requirement (rhbz#1762675) * Thu Oct 17 2019 Fabian Affolter mail@fabian-affolter.ch - 0.3.2-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1762675 - Review Request: aiodnsbrute - DNS asynchronous brute force utility https://bugzilla.redhat.com/show_bug.cgi?id=1762675 --------------------------------------------------------------------------------
================================================================================ argparse-manpage-1.4-1.fc30 (FEDORA-2020-145c04a75a) Build manual page from Python ArgumentParser object -------------------------------------------------------------------------------- Update Information:
new release to fix testsuite against Python 3.9 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 24 2020 Pavel Raiskup praiskup@redhat.com - 1.4-1 - new release to fix testsuite against Python 3.9 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1791757 - argparse-manpage fails to build with Python 3.9 https://bugzilla.redhat.com/show_bug.cgi?id=1791757 --------------------------------------------------------------------------------
================================================================================ bubblemail-0.4-1.fc30 (FEDORA-2020-0dd9601f4a) Extensible mail notification service -------------------------------------------------------------------------------- Update Information:
Initial packaging -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Robert-Andr�� Mauchin zebob.m@gmail.com - 0.4-1 - Initial packaging -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1794882 - Review Request: bubblemail - Extensible mail notification serviceExtensible mail notification service https://bugzilla.redhat.com/show_bug.cgi?id=1794882 --------------------------------------------------------------------------------
================================================================================ cjdns-20.5-1.fc30 (FEDORA-2020-dfbe78872c) The privacy-friendly network without borders -------------------------------------------------------------------------------- Update Information:
New upstream release. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 22 2020 Stuart Gathman stuart@gathman.org - 20.5-1 - New upstream release * Wed Oct 2 2019 Stuart Gathman stuart@gathman.org - 20.4-2 - Add python3 support for python API -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1793848 - cjdns-20.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1793848 [ 2 ] Bug #1793614 - cjdns fails to build with gcc: multiple definition of `Sockaddr_LOOPBACK_le' and other symbols https://bugzilla.redhat.com/show_bug.cgi?id=1793614 --------------------------------------------------------------------------------
================================================================================ clamav-unofficial-sigs-7.0-1.fc30 (FEDORA-2020-1b1ddf045c) Scripts to download unofficial clamav signatures -------------------------------------------------------------------------------- Update Information:
Update to upstream, fix version warnings (bz#1794506) -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 7.0-1 - Update to upstream, fix version warnings (bz#1794506) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1794506 - New version : v6.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=1794506 --------------------------------------------------------------------------------
================================================================================ converseen-0.9.8.0-1.fc30 (FEDORA-2020-cf2006b283) A batch image conversion tool written in C++ with Qt5 and Magick++ -------------------------------------------------------------------------------- Update Information:
- Update to 0.9.8.0 fixes rhbz#1768272 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 24 2020 Filipe Rosset rosset.filipe@gmail.com - 0.9.8.0-1 - Update to 0.9.8.0 fixes rhbz#1768272 * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.7.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1768272 - converseen-0.9.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1768272 --------------------------------------------------------------------------------
================================================================================ dgit-9.9-1.fc30 (FEDORA-2020-b9632b6902) Integration between git and Debian-style archives -------------------------------------------------------------------------------- Update Information:
- Update to 9.9 fixes rhbz#1749966 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 24 2020 Filipe Rosset rosset.filipe@gmail.com - 9.9-1 - Update to 9.9 fixes rhbz#1749966 * Sun Aug 18 2019 Filipe Rosset rosset.filipe@gmail.com - 9.7-1 - Update to 9.7 fixes rhbz#1742662 * Mon Aug 5 2019 Filipe Rosset rosset.filipe@gmail.com - 9.6-1 - Update to 9.6 * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Wed Jul 10 2019 Filipe Rosset rosset.filipe@gmail.com - 9.2-1 - new upstream version 9.2, fixes rhbz #1727619 * Tue Jul 9 2019 Filipe Rosset rosset.filipe@gmail.com - 9.1-1 - new upstream version 9.1, fixes rhbz #1727619 * Tue Jul 2 2019 Filipe Rosset rosset.filipe@gmail.com - 9.0-1 - new upstream version 9.0, fixes rhbz #1726367 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1749966 - dgit-9.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1749966 --------------------------------------------------------------------------------
================================================================================ duply-2.2.1-1.fc30 (FEDORA-2020-f0d581d281) Wrapper for duplicity -------------------------------------------------------------------------------- Update Information:
#### 2.2.1 (22.01.2020) #### - featreq 46: Example systemd units & Howto, courtesy of Jozef Riha - featreq 47: Clarify message about keeping the profile, also by Jozef Riha - fix abbreviation spelling of 'e.g.' -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Thomas Moschny thomas.moschny@gmx.de - 2.2.1-1 - Update to 2.2.1. * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ibus-typing-booster-2.7.7-1.fc30 (FEDORA-2020-cf1f1ad13c) A completion input method -------------------------------------------------------------------------------- Update Information:
Update to 2.7.7; Translation updates; si-wijesekera default for si_LK; Fix setting of button label for google application credentials -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 24 2020 Mike FABIAN mfabian@redhat.com - 2.7.7-1 - Update to 2.7.7 - Translation updates from Weblate for es, de, pl, he, fr, uk, tr, nl - Generate README.html and README from README.md - A thorough upgrade to README.md Resolves: https://github.com/mike-fabian/ibus-typing-booster/pull/74 - Set button label of google application credentials button correctly Resolves: rhbz#1793460 - Make si-wijesekera the default input method for si_LK.UTF-8 locale - Add another test case for libvoikko spellchecking together with en_GB spellchecking -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1793460 - [abrt] ibus-typing-booster: set_google_application_credentials(): main.py:3549:set_google_application_credentials:AttributeError: 'SetupUI' object has no attribute '_google_application_credentials_entry' https://bugzilla.redhat.com/show_bug.cgi?id=1793460 --------------------------------------------------------------------------------
================================================================================ isomaster-1.3.14-1.fc30 (FEDORA-2020-03c18ebc6d) An easy to use GUI CD image editor -------------------------------------------------------------------------------- Update Information:
- Upgraded to isomaster 1.3.14 - Migrated to system-provided iniparser 4.1 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Marcin Zajaczkowski <mszpak ATT wp DOTT pl> - 1.3.14-1 - Updated to 1.3.14 - Switched system iniparser 4.1 (instead of bundled version) * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1.3.13-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561479 - isomaster-1.3.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561479 --------------------------------------------------------------------------------
================================================================================ mopidy-3.0.1-1.fc30 (FEDORA-2020-8ab901eccf) An extensible music server written in Python -------------------------------------------------------------------------------- Update Information:
Initial RPM Release -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 27 2019 Tobias Girstmair t-rpmfusion@girst.at - 3.0.1-1 - Initial RPM Release --------------------------------------------------------------------------------
================================================================================ nagios-plugins-check-updates-1.7.8-2.fc30 (FEDORA-2020-9357c7fd37) A Nagios plugin to check if Red Hat or Fedora system is up-to-date -------------------------------------------------------------------------------- Update Information:
New upstream version -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 23 2020 Piotr Popieluch piotr1212@gmail.com - 1.7.8-2 - Remove bundled libraries * Sat Jan 18 2020 Piotr Popieluch piotr1212@gmail.com - 1.7.8-1 - Update to 1.7.8 - Add version to Obsoletes: * Mon Dec 2 2019 Martin Jackson mhjacks@swbell.net - 1.6.23-4 - Conditionalize yum Requires * Thu Jul 25 2019 Fedora Release Engineering releng@fedoraproject.org - 1.6.23-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ pbzip2-1.1.13-1.fc30 (FEDORA-2020-01a57c515a) Parallel implementation of bzip2 -------------------------------------------------------------------------------- Update Information:
- update to 1.1.13 + spec cleanup and modernization fixes rhbz#1297158 -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Filipe Rosset rosset.filipe@gmail.com - 1.1.13-1 - update to 1.1.13 + spec cleanup and modernization fixes rhbz#1297158 * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1.12-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1749936 - build of pbzip2 for EPEL 8 https://bugzilla.redhat.com/show_bug.cgi?id=1749936 [ 2 ] Bug #1297158 - pbzip2-1.1.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1297158 --------------------------------------------------------------------------------
================================================================================ python-AWSIoTPythonSDK-1.4.8-2.fc30 (FEDORA-2020-efae90dbd6) SDK for connecting to AWS IoT using Python -------------------------------------------------------------------------------- Update Information:
Update license details -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Fabian Affolter mail@fabian-affolter.ch - 1.4.8-2 - Update license details * Fri Jan 10 2020 Fabian Affolter mail@fabian-affolter.ch - 1.4.8-1 - Fix prep section - Fix source URL (rhbz#1787304) - Update to latest upstream release 1.4.8 * Thu Jan 2 2020 Fabian Affolter mail@fabian-affolter.ch - 1.4.7-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1787304 - Review Request: python-AWSIoTPythonSDK - SDK for connecting to AWS IoT using Python https://bugzilla.redhat.com/show_bug.cgi?id=1787304 --------------------------------------------------------------------------------
================================================================================ python-check-manifest-0.40-2.fc30 (FEDORA-2020-9b691385c5) Check MANIFEST.in in a Python source package -------------------------------------------------------------------------------- Update Information:
Adjust BR (rhbz#1790080) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 21 2020 Fabian Affolter mail@fabian-affolter.ch - 0.40-2 - Adjust BR (rhbz#1790080) * Wed Jan 8 2020 Fabian Affolter mail@fabian-affolter.ch - 0.40-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1790080 - Review Request: python-check-manifest - Check MANIFEST.in in a Python source package https://bugzilla.redhat.com/show_bug.cgi?id=1790080 --------------------------------------------------------------------------------
================================================================================ python-django-configurations-2.2-2.fc30 (FEDORA-2020-0dc439250e) A helper for organizing Django settings -------------------------------------------------------------------------------- Update Information:
Use var for source URL -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 7 2020 Fabian Affolter mail@fabian-affolter.ch - 2.2-2 - Use var for source URL - Better use of wildcards (rhbz#1786875) * Sat Dec 28 2019 Fabian Affolter mail@fabian-affolter.ch - 2.2-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1786875 - Review Request: python-django-configurations - A helper for organizing Django settings https://bugzilla.redhat.com/show_bug.cgi?id=1786875 --------------------------------------------------------------------------------
================================================================================ python-ipgetter2-1.1.9-1.fc30 (FEDORA-2020-c030e7bbd4) Python library to fetch your external IP address -------------------------------------------------------------------------------- Update Information:
Initial package for Fedora -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 11 2020 Fabian Affolter mail@fabian-affolter.ch - 1.1.9-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1790062 - Review Request: python-ipgetter2 - Python library to fetch your external IP address https://bugzilla.redhat.com/show_bug.cgi?id=1790062 --------------------------------------------------------------------------------
================================================================================ python-msldap-0.2.5-2.fc30 (FEDORA-2020-95b6394057) Python library to play with MS LDAP -------------------------------------------------------------------------------- Update Information:
Fix requirement (rhbz#1790355) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 23 2020 Fabian Affolter mail@fabian-affolter.ch - 0.2.5-2 - Fix requirement (rhbz#1790355) * Sun Jan 12 2020 Fabian Affolter mail@fabian-affolter.ch - 0.2.5-1 - Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1790355 - Review Request: python-msldap - Python library to play with MS LDAP https://bugzilla.redhat.com/show_bug.cgi?id=1790355 --------------------------------------------------------------------------------
================================================================================ python-regex-2020.1.8-1.fc30 (FEDORA-2020-9ec342805d) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information:
Update regex to the latest released version. -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Thomas Moschny thomas.moschny@gmx.de - 2020.1.8-1 - Update to 2020.1.8. --------------------------------------------------------------------------------
================================================================================ rapid-photo-downloader-0.9.17-1.fc30 (FEDORA-2020-8098964f95) Images downloader for external devices -------------------------------------------------------------------------------- Update Information:
Update to latest upstream version 0.9.17 (rhbz#1753707) -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 12 2019 Matthew Kunkel matt@mattkunkel.com - 0.9.17-1 - Update to latest upstream version 0.9.17 (rhbz#1753707) - Fixed missing dependencies (rhbz#1753704) - Fixed License - Fixed Icon and Translations * Thu Oct 3 2019 Miro Hron��ok mhroncok@redhat.com - 0.9.14-4 - Rebuilt for Python 3.8.0rc1 (#1748018) * Mon Aug 19 2019 Miro Hron��ok mhroncok@redhat.com - 0.9.14-3 - Rebuilt for Python 3.8 * Fri Jul 26 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1753707 - rapid-photo-downloader 0.9.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1753707 [ 2 ] Bug #1753704 - Missing dependency on perl-Image-ExifTool https://bugzilla.redhat.com/show_bug.cgi?id=1753704 --------------------------------------------------------------------------------
================================================================================ upx-3.96-1.fc30 (FEDORA-2020-20cf0743f5) Ultimate Packer for eXecutables -------------------------------------------------------------------------------- Update Information:
3.96, multiple security fixes. ---- Patch for CVE-2019-20021 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 24 2020 Gwyn Ciesla gwync@protonmail.com - 3.96-1 - 3.96 * Fri Jan 17 2020 Gwyn Ciesla gwync@protonmail.com - 3.95-5 - Upstream patch for CVE-2019-20021 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1792327 - CVE-2019-20021 upx: heap-based buffer overflow in canUnpack in p_mach.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1792327 [ 2 ] Bug #1581264 - CVE-2018-11243 upx: Double-free in PackLinuxElf64::unpack in p_lx_elf.cpp allows denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1581264 [ 3 ] Bug #1794720 - CVE-2019-20051 upx: floating point exception in PackLinuxElf::elf_hash in p_lx_elf.cpp [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1794720 [ 4 ] Bug #1794722 - CVE-2019-20051 upx: floating point exception in PackLinuxElf::elf_hash in p_lx_elf.cpp [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=1794722 [ 5 ] Bug #1794721 - CVE-2019-20051 upx: floating point exception in PackLinuxElf::elf_hash in p_lx_elf.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1794721 [ 6 ] Bug #1792328 - CVE-2019-20021 upx: heap-based buffer overflow in canUnpack in p_mach.cpp [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1792328 [ 7 ] Bug #1581263 - CVE-2018-11243 upx: Double-free in PackLinuxElf64::unpack in p_lx_elf.cpp allows denial of service [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1581263 [ 8 ] Bug #1792329 - CVE-2019-20021 upx: heap-based buffer overflow in canUnpack in p_mach.cpp [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=1792329 --------------------------------------------------------------------------------
================================================================================ xar-1.8.0.417.1-1.fc30 (FEDORA-2020-bbd24dd0cf) The eXtensible ARchiver -------------------------------------------------------------------------------- Update Information:
- Use Apple upstream instead of non-fresh Github one - New upstream in 1.8 dev branch with 417.1 subversion - Close CVE-2018-17093 - Close CVE-2018-17094 - Close CVE-2017-11124 - Close CVE-2017-11125 - Close CVE-2010-3798 - Use license macro - Add OpenSSL To Configuration -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 25 2020 Mosaab Alzoubi <moceap[AT]hotmail[DOT]com> - 1.8.0.417.1-1 - Use Apple upstream instead of non-fresh Github one - New upstream in 1.8 dev branch with 417.1 subversion - Close CVE-2018-17093 - Close CVE-2018-17094 - Close CVE-2017-11124 - Close CVE-2017-11125 - Close CVE-2010-3798 - Use license macro - Add OpenSSL To Configuration -------------------------------------------------------------------------------- References:
[ 1 ] Bug #654486 - CVE-2010-3798 xar: arbitrary code execution via crafted xar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=654486 [ 2 ] Bug #1470073 - CVE-2017-11124 CVE-2017-11125 xar: Multiple vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470073 [ 3 ] Bug #1629651 - CVE-2018-17093 CVE-2018-17094 xar: Two NULL pointer dereference issues [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1629651 --------------------------------------------------------------------------------