The following Fedora 31 Security updates need testing: Age URL 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-81b9c6cddc ceph-14.2.9-1.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7b29838f6 openssl-1.1.1g-1.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-26df92331a rubygem-json-2.2.0-202.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-86c77554e9 chromium-81.0.4044.122-1.fc31 5 https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f34d2cfd8 webkit2gtk3-2.28.2-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-36298e20f7 java-latest-openjdk-14.0.1.7-2.rolling.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-372eeb28f3 java-11-openjdk-11.0.7.10-0.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9cf0b1c8f1 libldb-2.0.10-1.fc31 samba-4.11.8-0.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d14280a6e8 mingw-gnutls-3.6.13-1.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b453269c4e kernel-5.6.8-200.fc31
The following Fedora 31 Critical Path updates have yet to be approved: Age URL 35 https://bodhi.fedoraproject.org/updates/FEDORA-2020-99ad68918d osinfo-db-20200325-1.fc31 28 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d1092ecf15 man-pages-de-1.22-9.fc31 perl-Compress-Raw-Lzma-2.087-2.fc31 xz-5.2.5-1.fc31 15 https://bodhi.fedoraproject.org/updates/FEDORA-2020-5603c3bae4 nfs-utils-2.4.3-1.rc2.fc31 13 https://bodhi.fedoraproject.org/updates/FEDORA-2020-f265f98566 ostree-2020.3-3.fc31 11 https://bodhi.fedoraproject.org/updates/FEDORA-2020-14a2333cb9 tigervnc-1.10.1-5.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-81b9c6cddc ceph-14.2.9-1.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-967dc60afd python2-2.7.18-1.fc31 python2-docs-2.7.18-1.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-4a34b5a10b linux-firmware-20200421-107.fc31 8 https://bodhi.fedoraproject.org/updates/FEDORA-2020-51b4a870cf libsolv-0.7.12-1.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-8386117468 pyproject-rpm-macros-0-14.fc31 python-pip-19.1.1-8.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-ee0bd69573 cairo-1.16.0-7.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b1c7f64b0b coreutils-8.31-10.fc31 findutils-4.6.0-25.fc31 6 https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7b29838f6 openssl-1.1.1g-1.fc31 3 https://bodhi.fedoraproject.org/updates/FEDORA-2020-66004c60af corosync-3.0.4-1.fc31 2 https://bodhi.fedoraproject.org/updates/FEDORA-2020-9cf0b1c8f1 libldb-2.0.10-1.fc31 samba-4.11.8-0.fc31 1 https://bodhi.fedoraproject.org/updates/FEDORA-2020-b453269c4e kernel-5.6.8-200.fc31
The following builds have been pushed to Fedora 31 updates-testing
ansible-freeipa-0.1.10-1.fc31 bashtop-0.8.17-1.fc31 calendar-1.37-1.20200430cvs.fc31 console-login-helper-messages-0.18.1-1.fc31 crawl-0.24.1-2.fc31 cros-guest-tools-1.0-0.31.20200427git6968d7b.fc31 elementary-planner-2.3.5-1.fc31 elfutils-0.179-2.fc31 fedora-business-cards-2.2.1-1.fc31 gnupg2-2.2.20-2.fc31 gpgme-1.13.1-7.fc31 granite-5.4.0-1.fc31 koji-1.21.0-2.fc31 libslirp-4.1.0-2.fc31 lua-luv-1.36.0.0-0.fc31 mutter-3.34.6-1.fc31 nodejs-12.16.3-1.fc31 nordugrid-arc-6.6.0-1.fc31 nrpe-4.0.3-1.fc31 ocrmypdf-9.8.0-1.fc31 openqa-4.6-49.20200429git46234f9.fc31 openscap-1.3.3-1.fc31 os-autoinst-4.6-12.20200430git85fa4f1.fc31 perl-Minion-10.04-1.fc31 perl-YAML-PP-0.021-1.fc31 php-sebastian-code-unit-1.0.2-1.fc31 phpunit9-9.1.4-1.fc31 pungi-4.2.2-1.fc31 python-google-auth-1.14.1-1.fc31 python-kubernetes-11.0.0-2.fc31 python-mercantile-1.1.4-1.fc31 python-openshift-0.11.0-3.fc31 python-pymediainfo-4.2.1-1.fc31 roundcubemail-1.4.4-1.fc31 rstudio-1.2.5042-1.fc31 tinygo-0.13.1-1.fc31 wordpress-5.4.1-1.fc31
Details about builds:
================================================================================ ansible-freeipa-0.1.10-1.fc31 (FEDORA-2020-c9d2147243) Roles and playbooks to deploy FreeIPA servers, replicas and clients -------------------------------------------------------------------------------- Update Information:
- Update to version 0.1.10 with fixes and additional modules https://github.com/freeipa/ansible-freeipa/releases/tag/v0.1.10 -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 27 2020 Thomas Woerner twoerner@redhat.com - 0.1.10-1 - Update to version 0.1.10 with fixes and additional modules https://github.com/freeipa/ansible-freeipa/releases/tag/v0.1.10 --------------------------------------------------------------------------------
================================================================================ bashtop-0.8.17-1.fc31 (FEDORA-2020-d82d4b5325) Linux resource monitor -------------------------------------------------------------------------------- Update Information:
Update to 0.8.17 ---- Initial package -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1828813 - Review Request: bashtop - Resource monitor written in bash that shows usage and stats for processor, memory, disks, network and processes https://bugzilla.redhat.com/show_bug.cgi?id=1828813 [ 2 ] Bug #1829710 - bashtop-0.8.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829710 --------------------------------------------------------------------------------
================================================================================ calendar-1.37-1.20200430cvs.fc31 (FEDORA-2020-cd9d3b3f07) Reminder utility -------------------------------------------------------------------------------- Update Information:
Upgrade to calendar(1) from OpenBSD 6.6 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 David Cantrell dcantrell@redhat.com - 1.37-1.20200430cvs - Upgrade to calendar(1) from OpenBSD 6.6 - Include missing calendar data files (#1809218) * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 1.37-2.20190827cvs - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Tue Aug 27 2019 David Cantrell dcantrell@redhat.com - 1.37-1.20190827cvs - Upgrade to calendar(1) from OpenBSD 6.5 - Correct translation filenames in Makefile.linux -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1809218 - French, Croatian and Russian files are missing https://bugzilla.redhat.com/show_bug.cgi?id=1809218 --------------------------------------------------------------------------------
================================================================================ console-login-helper-messages-0.18.1-1.fc31 (FEDORA-2020-0e86148796) Combines motd, issue, profile features to show system information to the user before/on login -------------------------------------------------------------------------------- Update Information:
Update to 0.18.1 - upstream changes noted: https://github.com/coreos/console- login-helper-messages/releases/tag/v0.18.1 ---- Update to upstream source 0.18, with changes described: https://github.com/coreos/console-login-helper- messages/releases/tag/v0.18 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Robert Fairley rfairley@redhat.com - 0.18.1-1 - Update to 0.18.1 * Tue Apr 28 2020 Robert Fairley rfairley@redhat.com - 0.18-1 - Update to 0.18 - Change github_owner to coreos --------------------------------------------------------------------------------
================================================================================ crawl-0.24.1-2.fc31 (FEDORA-2020-de88782eaa) Roguelike dungeon exploration game -------------------------------------------------------------------------------- Update Information:
- Release 0.24.1 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Antonio Trande sagitter@fedoraproject.org - 0.24.1-2 - Tested with lua-5.3 (incompatible) * Wed Apr 22 2020 Antonio Trande sagitter@fedoraproject.org - 0.24.1-1 - Release 0.24.1 * Sun Apr 19 2020 Antonio Trande sagitter@fedoraproject.org - 0.24.0-3 - Fix rhbz#1825629 * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 0.24.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829270 - CVE-2020-11722 crawl: a remote attacker may execute arbitrary code via Lua bytecode [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1829270 --------------------------------------------------------------------------------
================================================================================ cros-guest-tools-1.0-0.31.20200427git6968d7b.fc31 (FEDORA-2020-2cff072f57) Chromium OS integration meta package -------------------------------------------------------------------------------- Update Information:
Update to latest master commit. -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 27 2020 Jason Montleon jmontleo@redhat.com - 1.0-0.31.20200427git6968d7b - Update to master 6968d7b --------------------------------------------------------------------------------
================================================================================ elementary-planner-2.3.5-1.fc31 (FEDORA-2020-a622460e2c) Task manager with Todoist support designed for GNU/Linux -------------------------------------------------------------------------------- Update Information:
Update to latest version ---- Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Artem Polishchuk ego.cordatus@gmail.com - 2.3.5-1 - Update 2.3.5 * Thu Apr 30 2020 Artem Polishchuk ego.cordatus@gmail.com - 2.3.4-1 - Update 2.3.4 * Tue Apr 21 2020 Artem Polishchuk ego.cordatus@gmail.com - 2.3.3-1 - Update 2.3.3 * Sun Apr 19 2020 Artem Polishchuk ego.cordatus@gmail.com - 2.3.2-1 - Update 2.3.2 --------------------------------------------------------------------------------
================================================================================ elfutils-0.179-2.fc31 (FEDORA-2020-c867628939) A collection of utilities and DSOs to handle ELF files and DWARF data -------------------------------------------------------------------------------- Update Information:
Fix fetching of debug alt file when using debuginfod client. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Mark Wielaard mjw@fedoraproject.org - 0.179-2 - Add elfutils-0.179-debug-client-alt-link.patch --------------------------------------------------------------------------------
================================================================================ fedora-business-cards-2.2.1-1.fc31 (FEDORA-2020-a2158cae7e) The Fedora business card generator -------------------------------------------------------------------------------- Update Information:
Bugfix for Inkscape CLI usage ---- New layouts and now works with inkscape 1.0's CLI -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Brian Exelbierd bexelbie@redhat.com - 2.1.1-1 - Bugfix for Inkscape CLI usage * Wed Apr 29 2020 Brian Exelbierd bexelbie@redhat.com - 2.2-1 - Works with inkscape 1.0's CLI * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Sep 26 2019 Brian Exelbierd bexelbie@redhat.com - 2.1-1 - New Business Card Designs --------------------------------------------------------------------------------
================================================================================ gnupg2-2.2.20-2.fc31 (FEDORA-2020-a3361156cd) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information:
Update to the current upstream version 2.2.20. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Tom���� Mr��z tmraz@redhat.com - 2.2.20-2 - move systemd user units to _userunitdir (no activation by default) * Tue Apr 14 2020 Tom���� Mr��z tmraz@redhat.com - 2.2.20-1 - upgrade to 2.2.20 * Wed Jan 29 2020 Tom���� Mr��z tmraz@redhat.com - 2.2.19-1 - upgrade to 2.2.19 * Tue Jan 28 2020 Fedora Release Engineering releng@fedoraproject.org - 2.2.18-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Sat Jan 4 2020 Marcel H��rry mh+fedora@scrit.ch - 2.2.18-3 - Add patches to be able to deal with keys without uids (#1787708) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1542353 - please install the systemd units shipped in doc/examples https://bugzilla.redhat.com/show_bug.cgi?id=1542353 [ 2 ] Bug #1782289 - gnupg2-2.2.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1782289 [ 3 ] Bug #1787708 - Accept keys without uid if key is already present https://bugzilla.redhat.com/show_bug.cgi?id=1787708 --------------------------------------------------------------------------------
================================================================================ gpgme-1.13.1-7.fc31 (FEDORA-2020-b0063c2197) GnuPG Made Easy - high level crypto API -------------------------------------------------------------------------------- Update Information:
Update to accommodate minor changes in recent gnupg versions (2.2.19 and above). -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Tom���� Mr��z tmraz@redhat.com - 1.13.1-7 - Fix FTBFS with gnupg-2.2.19 and above * Wed Jan 29 2020 Fedora Release Engineering releng@fedoraproject.org - 1.13.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Oct 3 2019 Miro Hron��ok mhroncok@redhat.com - 1.13.1-5 - Rebuilt for Python 3.8.0rc1 (#1748018) * Thu Aug 15 2019 Miro Hron��ok mhroncok@redhat.com - 1.13.1-4 - Rebuilt for Python 3.8 --------------------------------------------------------------------------------
================================================================================ granite-5.4.0-1.fc31 (FEDORA-2020-416560f966) elementary companion library for GTK+ and GLib -------------------------------------------------------------------------------- Update Information:
Update to version 5.4.0. Release notes: https://github.com/elementary/granite/releases/tag/5.4.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Fabio Valentini decathorpe@gmail.com - 5.4.0-1 - Update to version 5.4.0. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829712 - granite-5.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829712 --------------------------------------------------------------------------------
================================================================================ koji-1.21.0-2.fc31 (FEDORA-2020-edd79688a9) Build system tools -------------------------------------------------------------------------------- Update Information:
Add patch to fix admin --force tagging. ---- Update to bugfix and feature upstream 1.21.0 version. See https://docs.pagure.org/koji/release_notes/release_notes_1.21 for detailed changes. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Kevin Fenzi kevin@scrye.com - 1.21.0-2 - Add patch to fix issue with admins not being able to force tagging. - Fixes https://pagure.io/koji/issue/2202 upstream. * Tue Apr 21 2020 Kevin Fenzi kevin@scrye.com - 1.21.0-1 - Update to 1.21.1. Fixes bug #1826406 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1497923 - koji-web requires mod_auth_gssapi but that is not available in RHEL6 or EPEL6 https://bugzilla.redhat.com/show_bug.cgi?id=1497923 [ 2 ] Bug #1806193 - koji-1.17 is not compatibile with python 2.6.6 https://bugzilla.redhat.com/show_bug.cgi?id=1806193 [ 3 ] Bug #1826343 - koji-1.21.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1826343 [ 4 ] Bug #1826406 - update to koji 1.21.0 https://bugzilla.redhat.com/show_bug.cgi?id=1826406 --------------------------------------------------------------------------------
================================================================================ libslirp-4.1.0-2.fc31 (FEDORA-2020-1608d52724) A general purpose TCP-IP emulator -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2020-1983 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Marc-Andr�� Lureau marcandre.lureau@redhat.com - 4.1.0-2 - CVE-2020-1983 fix -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829825 - CVE-2020-1983 libslirp: use-after-free in ip_reass function in ip_input.c https://bugzilla.redhat.com/show_bug.cgi?id=1829825 --------------------------------------------------------------------------------
================================================================================ lua-luv-1.36.0.0-0.fc31 (FEDORA-2020-da9620a104) Bare libuv bindings for lua -------------------------------------------------------------------------------- Update Information:
Update to version 1.36.0-0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 28 2020 Michel Alexandre Salim salimma@fedoraproject.org - 1.36.0.0-1 - Update to version 1.36.0-0 - Support building on EPEL 8 --------------------------------------------------------------------------------
================================================================================ mutter-3.34.6-1.fc31 (FEDORA-2020-d29c22c817) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information:
Update to 3.34.6 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Florian M��llner fmuellner@redhat.com - 3.34.6-1 - Update to 3.34.6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1770296 - GNOME on F31: Switching Workspace results in "Ctrl+Alt+Up" key press getting sent to active application https://bugzilla.redhat.com/show_bug.cgi?id=1770296 --------------------------------------------------------------------------------
================================================================================ nodejs-12.16.3-1.fc31 (FEDORA-2020-2fa367cf95) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
Update to 12.16.3 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 29 2020 Stephen Gallagher sgallagh@redhat.com - 1:12.16.3-1 - Update to 12.16.3 * Wed Apr 15 2020 Zuzana Svetlikova zsvetlik@redhat.com - 1:12.16.2-1 - Update to 12.16.2 - Add bundled uvwasi and histogram_c provides - Add shared brotli dependency * Tue Mar 17 2020 Tom Stellard tstellar@redhat.com - 1:12.16.1-4 - Replace hard-coded gcc and g++ with __cc and __cxx macros * Mon Mar 16 2020 Stephen Gallagher sgallagh@redhat.com - 1:12.16.1-3 - Set npmrc to use python3 explicitly * Wed Feb 26 2020 Stephen Gallagher sgallagh@redhat.com - 1:12.16.1-2 - Build with Python 3 only --------------------------------------------------------------------------------
================================================================================ nordugrid-arc-6.6.0-1.fc31 (FEDORA-2020-f993e1ddfd) Advanced Resource Connector Middleware -------------------------------------------------------------------------------- Update Information:
NorduGrid ARC 6.6.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 27 2020 Mattias Ellert mattias.ellert@physics.uu.se - 6.6.0-1 - Update to version 6.6.0 - Drop patch nordugrid-arc-openssl-1.1.1f.patch (previously backported) - Split out package arcctl-service package from arcctl package - Split out plugins-python from main ARC python module pacakage * Thu Apr 16 2020 Mattias Ellert mattias.ellert@physics.uu.se - 6.5.0-3 - Adapt to openssl 1.1.1f * Tue Mar 10 2020 Mattias Ellert mattias.ellert@physics.uu.se - 6.5.0-2 - Adapt to new perl rpm package split in rawhide - perl(English) and perl(Sys::Hostname) now in separate packages --------------------------------------------------------------------------------
================================================================================ nrpe-4.0.3-1.fc31 (FEDORA-2020-885f1b897e) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information:
New upstream version ---- Fix regression with nasty_metacharacters -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 29 2020 Martin Jackson mhjacks@swbell.net - 4.0.1-1 - New upstream version * Sun Apr 26 2020 Martin Jackson mhjacks@swbell.net - 4.0.2-3.20200423git4f7dd11 - Fix regression with nasty_metacharacters - Update Patch3 - Drop patch13 (trees have diverged) --------------------------------------------------------------------------------
================================================================================ ocrmypdf-9.8.0-1.fc31 (FEDORA-2020-907422ee4a) Add an OCR text layer to scanned PDF files -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 9.8.0-1 - Update to latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829097 - ocrmypdf-9.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829097 --------------------------------------------------------------------------------
================================================================================ openqa-4.6-49.20200429git46234f9.fc31 (FEDORA-2020-2333513542) OS-level automated testing framework -------------------------------------------------------------------------------- Update Information:
This update provides updated builds of openQA and os-autoinst, along with required perl-YAML-PP and perl-Minion dependencies. The updated openQA brings a range of improvements and bug fixes, as usual, including fixes for a scheduler problem which led to occasional incomplete tests. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 29 2020 Adam Williamson awilliam@redhat.com - 4.6-49.20200429git46234f9 - Bump to latest git - Resync spec with upstream - Backport PR #3017: missing asset check shouldn't use 'hidden' asset attribute * Sat Apr 18 2020 Adam Williamson awilliam@redhat.com - 4.6-48.20200415git7160d88 - Backport PR #2955 to fix broken load_templates --clean * Wed Apr 15 2020 Adam Williamson awilliam@redhat.com - 4.6-47.20200415git7160d88 - Bump to latest git - Drop merged patch - Resync spec with upstream * Fri Mar 20 2020 Adam Williamson awilliam@redhat.com - 4.6-46.20200319git12cea51 - Backport #2856 to fix extracting compressed download assets * Thu Mar 19 2020 Adam Williamson awilliam@redhat.com - 4.6-45.20200319git12cea51 - Bump to latest git (inc. fix for POO #62417) - Drop workaround for POO #62417 * Thu Mar 19 2020 Adam Williamson awilliam@redhat.com - 4.6-44.20200205git4861e34 - Restart aarch64 install tests that fail in the first module (#1689037) --------------------------------------------------------------------------------
================================================================================ openscap-1.3.3-1.fc31 (FEDORA-2020-27696c7fee) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information:
Update to the latest upstream version - New features - Added a Python script that can be used for CLI tailoring (autotailor) - Added timezone to XCCDF TestResult start/end time - Added yamlfilecontent independent probe (proposal/draft implementation), see https://github.com/OVAL- Community/OVAL/issues/91 for more information - Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF - Added ability to generate `machineconfig` fix - Maintenance, bug fixes - utils/oscap- podman: Detect ambiguous scan target - Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory - The data system_info probe return for offline and online modes is consistent and actual - Prevent crashes when complicated regexes are executed in textfilecontent58 probe - Fixed #1512: Severity refinement lost in generated guide - Fixed #1453: Pointer lost in Swig API - Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities from system_info probe - Fixed filepath pattern matching in offline mode in textfilecontent58 probe - Fixed infinite recursion in systemdunitdependency probe - Fixed the case when CMake couldn't find libacl or xattr.h -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Jan ��ern�� jcerny@redhat.com - 1:1.3.3-1 - Upgrade to the latest upstream release --------------------------------------------------------------------------------
================================================================================ os-autoinst-4.6-12.20200430git85fa4f1.fc31 (FEDORA-2020-2333513542) OS-level test automation -------------------------------------------------------------------------------- Update Information:
This update provides updated builds of openQA and os-autoinst, along with required perl-YAML-PP and perl-Minion dependencies. The updated openQA brings a range of improvements and bug fixes, as usual, including fixes for a scheduler problem which led to occasional incomplete tests. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Adam Williamson awilliam@redhat.com - 4.6-12.20200430git85fa4f12 - Bump to latest git - Resync spec with upstream, tweak dependency macro implementation * Fri Apr 17 2020 Adam Williamson awilliam@redhat.com - 4.6-11.20200414git50464d4e - Rearrange the dependencies ppisar added * Wed Apr 15 2020 Adam Williamson awilliam@redhat.com - 4.6-10.20200414git50464d4e - Bump to latest git * Wed Apr 1 2020 Petr Pisar ppisar@redhat.com - Add more Perl dependencies * Wed Mar 11 2020 Adam Williamson awilliam@redhat.com - 4.6-9.20200311git4e3dec50 - Bump to latest git --------------------------------------------------------------------------------
================================================================================ perl-Minion-10.04-1.fc31 (FEDORA-2020-2333513542) High performance job queue for the Perl programming language -------------------------------------------------------------------------------- Update Information:
This update provides updated builds of openQA and os-autoinst, along with required perl-YAML-PP and perl-Minion dependencies. The updated openQA brings a range of improvements and bug fixes, as usual, including fixes for a scheduler problem which led to occasional incomplete tests. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 2 2020 Emmanuel Seyman emmanuel@seyman.fr - 10.04-1 - Update to 10.04 * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 10.02-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ perl-YAML-PP-0.021-1.fc31 (FEDORA-2020-2333513542) YAML 1.2 processor -------------------------------------------------------------------------------- Update Information:
This update provides updated builds of openQA and os-autoinst, along with required perl-YAML-PP and perl-Minion dependencies. The updated openQA brings a range of improvements and bug fixes, as usual, including fixes for a scheduler problem which led to occasional incomplete tests. -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ php-sebastian-code-unit-1.0.2-1.fc31 (FEDORA-2020-1d4cc233b8) Collection of value objects that represent the PHP code units -------------------------------------------------------------------------------- Update Information:
**Version 1.0.2** - 2020-04-30 **Fixed** * `Mapper::stringToCodeUnits()` raised the wrong exception for `Class::method` when a class named `Class` exists but does not have a method named `method` ---- **Version 1.0.1** - 2020-04-27 **Fixed** * [#2](https://github.com/sebastianbergmann/code-unit/issues/2): `Mapper::stringToCodeUnits()` breaks when `ClassName<extended>` is used for class that extends built-in class ---- Collection of value objects that represent the PHP code units. -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #1820478 - Review Request: php-sebastian-code-unit - Collection of value objects that represent the PHP code units https://bugzilla.redhat.com/show_bug.cgi?id=1820478 --------------------------------------------------------------------------------
================================================================================ phpunit9-9.1.4-1.fc31 (FEDORA-2020-f4ab4b8f3b) The PHP Unit Testing framework version 9 -------------------------------------------------------------------------------- Update Information:
**Version 9.1.4** - 2020-04-30 **Fixed** * [#4196](https://github.com/sebastianbergmann/phpunit/issues/4196): Invalid `@covers` annotation crashes test runner ---- **Version 9.1.3** - 2020-04-23 **Added** * [#4186](https://github.com/sebastianbergmann/phpunit/issues/4186): Support adding directories to blacklist (of files that PHPUnit filters from stacktraces) **Changed** * `PHPUnit\Util\Blacklist` is no longer `@internal` ---- **Version 9.1.2** - 2020-04-20 **Changed** * Changed how `PHPUnit\TextUI\Command` passes warnings to `PHPUnit\TextUI\TestRunner` ---- **Version 9.1.1** - 2020-04-03 **Fixed** * [#4162](https://github.com/sebastianbergmann/phpunit/issues/4162): Raising an exception from a test double's configured method does not work ---- **Version 9.1.0** - 2020-04-03 **Added** * [#4061](https://github.com/sebastianbergmann/phpunit/issues/4061): Implement `assertIsNotReadable()` as alternative for `assertNotIsReadable()` with a more readable name * [#4064](https://github.com/sebastianbergmann/phpunit/issues/4064): Implement `assertIsNotWritable()` as alternative for `assertNotIsWritable()` with a more readable name * [#4067](https://github.com/sebastianbergmann/phpunit/issues/4067): Implement `assertDirectoryDoesNotExist()` as alternative for `assertDirectoryNotExists()` with a more readable name * [#4070](https://github.com/sebastianbergmann/phpunit/issues/4070): Implement `assertDirectoryIsNotReadable()` as alternative for `assertDirectoryNotIsReadable()` with a more readable name * [#4073](https://github.com/sebastianbergmann/phpunit/issues/4073): Implement `assertDirectoryIsNotWritable()` as alternative for `assertDirectoryNotIsWritable()` with a more readable name * [#4076](https://github.com/sebastianbergmann/phpunit/issues/4076): Implement `assertFileDoesNotExist()` as alternative for `assertFileNotExists()` with a more readable name * [#4079](https://github.com/sebastianbergmann/phpunit/issues/4079): Implement `assertFileIsNotReadable()` as alternative for `assertFileNotIsReadable()` with a more readable name * [#4082](https://github.com/sebastianbergmann/phpunit/issues/4082): Implement `assertFileIsNotWritable()` as alternative for `assertFileNotIsWritable()` with a more readable name * [#4085](https://github.com/sebastianbergmann/phpunit/issues/4085): Implement `assertMatchesRegularExpression()` as alternative for `assertRegExp()` with a more readable name * [#4088](https://github.com/sebastianbergmann/phpunit/issues/4088): Implement `assertDoesNotMatchRegularExpression()` as alternative for `assertNotRegExp()` with a more readable name * [#4100](https://github.com/sebastianbergmann/phpunit/issues/4100): Implement `failOnIncomplete` and `failOnSkipped` configuration options as well as `--fail- on-incomplete` and `--fail-on-skipped` commandline options * [#4130](https://github.com/sebastianbergmann/phpunit/pull/4130): Canonicalize JSON values in failure message * [#4136](https://github.com/sebastianbergmann/phpunit/pull/4136): Allow loading PHPUnit extensions via command-line options * [#4148](https://github.com/sebastianbergmann/phpunit/issues/4148): Support for `@preCondition` and `@postCondition` annotations **Changed** * [#4039](https://github.com/sebastianbergmann/phpunit/issues/4039): Deprecate custom test suite loader * [#4062](https://github.com/sebastianbergmann/phpunit/issues/4062): Deprecate `assertNotIsReadable()` * [#4065](https://github.com/sebastianbergmann/phpunit/issues/4065): Deprecate `assertNotIsWritable()` * [#4068](https://github.com/sebastianbergmann/phpunit/issues/4068): Deprecate `assertDirectoryNotExists()` * [#4071](https://github.com/sebastianbergmann/phpunit/issues/4071): Deprecate `assertDirectoryNotIsReadable()` * [#4074](https://github.com/sebastianbergmann/phpunit/issues/4074): Deprecate `assertDirectoryNotIsWritable()` * [#4077](https://github.com/sebastianbergmann/phpunit/issues/4077): Deprecate `assertFileNotExists()` * [#4080](https://github.com/sebastianbergmann/phpunit/issues/4080): Deprecate `assertFileNotIsReadable()` * [#4083](https://github.com/sebastianbergmann/phpunit/issues/4083): Deprecate `assertFileNotIsWritable()` * [#4086](https://github.com/sebastianbergmann/phpunit/issues/4086): Deprecate `assertRegExp()` * [#4089](https://github.com/sebastianbergmann/phpunit/issues/4089): Deprecate `assertNotRegExp()` * [#4091](https://github.com/sebastianbergmann/phpunit/issues/4091): Deprecate `assertEqualXMLStructure()` * [#4095](https://github.com/sebastianbergmann/phpunit/pull/4095): Improve performance of `StringContains` constraint * [#4105](https://github.com/sebastianbergmann/phpunit/issues/4105): Deprecate multiple test case classes in single file and test case class name differing from filename * [#4141](https://github.com/sebastianbergmann/phpunit/pull/4141): Deprecate Prophecy integration -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Remi Collet remi@remirepo.net - 9.1.4-1 - update to 9.1.4 - raise dependency on sebastian/code-unit 1.0.2 * Thu Apr 23 2020 Remi Collet remi@remirepo.net - 9.1.3-1 - update to 9.1.3 - raise dependency on phpunit/php-timer 3.1.4 - add dependency on sebastian/code-unit --------------------------------------------------------------------------------
================================================================================ pungi-4.2.2-1.fc31 (FEDORA-2020-b9dce07f95) Distribution compose tool -------------------------------------------------------------------------------- Update Information:
New upstream release: * Work around a permission problem for cloned module defaults repo. * Fix warning about removed `productimg` phase. * Allow disabling reusing pkgset phase results. * Fix nodeps gather method to not match on prefixes of names. * Remove check after copying file. * Stop creating iso stage dir just before deleting it. * Allow reusing old buildinstall phase result. * set umask to be more permissive for ostree operations. * Split repoclosure into separate phase. * Increase time delay between submitting Koji image builds. * Allow gather phase reuse on `product_id` change. * Gather more debug data for GitWrapper clone. * Reuse arch pkgset repos. * Get non-rpm build to pungi's extra_files with inheritance. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Lubom��r Sedl���� lsedlar@redhat.com - 4.2.2-1 - New upstream release --------------------------------------------------------------------------------
================================================================================ python-google-auth-1.14.1-1.fc31 (FEDORA-2020-2ed0bee70d) Google Auth Python Library -------------------------------------------------------------------------------- Update Information:
Update to 1.14.1. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 22 2020 Fedora Release Monitoring release-monitoring@fedoraproject.org - 1:1.14.1-1 - Update to 1.14.1 (#1824032) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1824032 - python-google-auth-1.14.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1824032 --------------------------------------------------------------------------------
================================================================================ python-kubernetes-11.0.0-2.fc31 (FEDORA-2020-9d6af470dd) Python client for the kubernetes API. -------------------------------------------------------------------------------- Update Information:
Update to python-kubernetes 11.0.0 and python-openshift 0.11.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Jason Montleon jmontleo@redhat.com - 11.0.0-2 - Fix EPEL 7 and 8 builds * Thu Apr 30 2020 Jason Montleon jmontleo@redhat.com - 11.0.0-1 - Update to 11.0.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1696532 - python-kubernetes-11.0.0b2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1696532 [ 2 ] Bug #1816888 - python-openshift-0.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1816888 --------------------------------------------------------------------------------
================================================================================ python-mercantile-1.1.4-1.fc31 (FEDORA-2020-474d4a2591) Web Mercator XYZ tile utilities -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.1.4-1 - Update to latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829134 - python-mercantile-1.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829134 --------------------------------------------------------------------------------
================================================================================ python-openshift-0.11.0-3.fc31 (FEDORA-2020-9d6af470dd) Python client for the OpenShift API -------------------------------------------------------------------------------- Update Information:
Update to python-kubernetes 11.0.0 and python-openshift 0.11.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Jason Montleon jmontleo@redhat.com 1:0.11.0-3 - Add missing changelog entries * Thu Apr 30 2020 Jason Montleon jmontleo@redhat.com 1:0.11.0-2 - Fix el8 builds * Thu Apr 30 2020 Jason Montleon jmontleo@redhat.com 1:0.11.0-1 - Update to 0.11.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1696532 - python-kubernetes-11.0.0b2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1696532 [ 2 ] Bug #1816888 - python-openshift-0.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1816888 --------------------------------------------------------------------------------
================================================================================ python-pymediainfo-4.2.1-1.fc31 (FEDORA-2020-9a8cacf554) Python wrapper around the MediaInfo library -------------------------------------------------------------------------------- Update Information:
Update to 4.2.1. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 1 2020 Vasiliy N. Glazov vascom2@gmail.com - 4.2.1-1 - Update to 4.2.1 * Thu Jan 30 2020 Fedora Release Engineering releng@fedoraproject.org - 4.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829604 - python-pymediainfo-4.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829604 --------------------------------------------------------------------------------
================================================================================ roundcubemail-1.4.4-1.fc31 (FEDORA-2020-35e12da5fe) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information:
**Version 1.4.4** This is a **service and security update** to the stable version 1.4 of Roundcube Webmail. It contains four fixes for recently reported security vulnerabilities as well a number of general improvements from our issue tracker. - Fix bug where attachments with Content-Id were attached to the message on reply (#7122) - Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211) - Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230) - Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231) - Elastic: Fix color of a folder with recent messages (#7281) - Elastic: Restrict logo size in print view (#7275) - Fix invalid Content-Type for messages with only html part and inline images - Mail_Mime-1.10.7 (#7261) - Fix missing contact display name in QR Code data (#7257) - Fix so button label in Select image/media dialogs is "Close" not "Cancel" (#7246) - Fix regression in testing database schema on MSSQL (#7227) - Fix cursor position after inserting a group to a recipient input using autocompletion (#7267) - Fix string literals handling in IMAP STATUS (and various other) responses (#7290) - Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293) - Fix handling keyservers configured with protocol prefix (#7295) - Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189) - Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206) - Fix so imap error message is displayed to the user on folder create/update (#7245) - Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147) - Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312) - Fix characters encoding in group rename input after group creation/rename (#7330) - Fix bug where some message/rfc822 parts could not be attached on forward (#7323) - Make install- jsdeps.sh script working without the 'file' program installed (#7325) - Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331) - Fix so Print button for PDF attachments works on Firefox >= 75 (#5125) - **Security**: Fix XSS issue in handling of CDATA in HTML messages - **Security**: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings - **Security**: Fix local file inclusion (and code execution) via crafted 'plugins' option - **Security**: Fix CSRF bypass that could be used to log out an authenticated user (#7302) -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Remi Collet remi@remirepo.net - 1.4.4-1 - update to 1.4.4 --------------------------------------------------------------------------------
================================================================================ rstudio-1.2.5042-1.fc31 (FEDORA-2020-6431061eeb) RStudio base package -------------------------------------------------------------------------------- Update Information:
Update to 1.2.5042, which adds support for R 4.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 29 2020 I��aki ��car iucar@fedoraproject.org - 1.2.5042-1 - Update to 1.2.5042, which adds support for R 4.0 * Mon Apr 27 2020 I��aki ��car iucar@fedoraproject.org - 1.2.5033-14 - Use bundled jQuery before js-query is retired * Mon Apr 6 2020 I��aki ��car iucar@fedoraproject.org - 1.2.5033-13 - Remove unneeded qt5-devel metapackage dependency -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1829377 - rstudio-1.2.5042 is available https://bugzilla.redhat.com/show_bug.cgi?id=1829377 --------------------------------------------------------------------------------
================================================================================ tinygo-0.13.1-1.fc31 (FEDORA-2020-3038a0e378) Go compiler for small places -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.13.1-1 - Update to latest version * Mon Apr 20 2020 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.13.0-1 - Update to latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1828109 - tinygo-0.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1828109 --------------------------------------------------------------------------------
================================================================================ wordpress-5.4.1-1.fc31 (FEDORA-2020-7701f49327) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information:
**WordPress 5.4.1** Security Updates Seven security issues affect WordPress versions 5.4 and earlier. If you haven���t yet updated to 5.4, all WordPress versions since 3.7 have also been updated to fix the following security issues: * Props to Muaz Bin Abdus Sattar and Jannes who both independently reported an issue where password reset tokens were not properly invalidated * Props to ka1n4t for finding an issue where certain private posts can be viewed unauthenticated * Props to Evan Ricafort for discovering an XSS issue in the Customizer * Props to Ben Bidner from the WordPress Security Team who discovered an XSS issue in the search block * Props to Nick Daugherty from WordPress VIP / WordPress Security Team who discovered an XSS issue in wp- object-cache * Props to Ronnie Goodrich (Kahoots) and Jason Medeiros who independently reported an XSS issue in file uploads. * Props to Weston Ruter for fixing a stored XSS vulnerability in the WordPress customizer. * Additionally, an authenticated XSS issue in the block editor was discovered by Nguyen the Duc in WordPress 5.4 RC1 and RC2. It was fixed in 5.4 RC5. We wanted to be sure to give credit and thank them for all of their work in making WordPress more secure. -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 30 2020 Remi Collet remi@remirepo.net - 5.4.1-1 - WordPress 5.4.1 Security and Maintenance Release --------------------------------------------------------------------------------