Tuesday, May 31, 2022

[USN-5442-2] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5442-2
June 01, 2022

linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle,
linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop-5.4: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems
- linux-raspi-5.4: Linux kernel for Raspberry Pi systems

Details:

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)

Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux
kernel contained an integer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1116)

Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
linux-image-5.4.0-1043-gkeop 5.4.0-1043.44
linux-image-5.4.0-1062-raspi 5.4.0-1062.70
linux-image-5.4.0-1073-oracle 5.4.0-1073.79
linux-image-gkeop 5.4.0.1043.46
linux-image-gkeop-5.4 5.4.0.1043.46
linux-image-oracle-lts-20.04 5.4.0.1073.73
linux-image-raspi 5.4.0.1062.96
linux-image-raspi2 5.4.0.1062.96

Ubuntu 18.04 LTS:
linux-image-5.4.0-1023-ibm 5.4.0-1023.25~18.04.1
linux-image-5.4.0-1043-gkeop 5.4.0-1043.44~18.04.1
linux-image-5.4.0-1062-raspi 5.4.0-1062.70~18.04.1
linux-image-5.4.0-1073-oracle 5.4.0-1073.79~18.04.1
linux-image-5.4.0-1075-gcp 5.4.0-1075.80~18.04.1
linux-image-gcp 5.4.0.1075.58
linux-image-gkeop-5.4 5.4.0.1043.44~18.04.42
linux-image-ibm 5.4.0.1023.39
linux-image-oracle 5.4.0.1073.79~18.04.52
linux-image-raspi-hwe-18.04 5.4.0.1062.63

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-5442-2
https://ubuntu.com/security/notices/USN-5442-1
CVE-2022-1116, CVE-2022-29581, CVE-2022-30594

Package Information:
https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1043.44
https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1073.79
https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1062.70
https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1075.80~18.04.1
https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1043.44~18.04.1
https://launchpad.net/ubuntu/+source/linux-ibm-5.4/5.4.0-1023.25~18.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1073.79~18.04.1
https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1062.70~18.04.1

[USN-5443-2] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5443-2
June 01, 2022

linux-gcp-5.13, linux-oracle, linux-oracle-5.13 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-gcp-5.13: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle-5.13: Linux kernel for Oracle Cloud systems

Details:

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)

Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
linux-image-5.13.0-1030-oracle 5.13.0-1030.35
linux-image-oracle 5.13.0.1030.30

Ubuntu 20.04 LTS:
linux-image-5.13.0-1027-gcp 5.13.0-1027.32~20.04.1
linux-image-5.13.0-1030-oracle 5.13.0-1030.35~20.04.1
linux-image-gcp 5.13.0.1027.32~20.04.1
linux-image-oracle 5.13.0.1030.35~20.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-5443-2
https://ubuntu.com/security/notices/USN-5443-1
CVE-2022-29581, CVE-2022-30594

Package Information:
https://launchpad.net/ubuntu/+source/linux-oracle/5.13.0-1030.35
https://launchpad.net/ubuntu/+source/linux-gcp-5.13/5.13.0-1027.32~20.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-5.13/5.13.0-1030.35~20.04.1

[USN-5454-2] CUPS vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5454-2
May 31, 2022

cups vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in CUPS.

Software Description:
- cups: Common UNIX Printing System(tm)

Details:

USN-5454-1 fixed several vulnerabilities in CUPS. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Joshua Mason discovered that CUPS incorrectly handled the secret key used
to access the administrative web interface. A remote attacker could
possibly use this issue to open a session as an administrator and execute
arbitrary code. (CVE-2022-26691)

It was discovered that CUPS incorrectly handled certain memory operations
when handling IPP printing. A remote attacker could possibly use this issue
to cause CUPS to crash, leading to a denial of service, or obtain sensitive
information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2019-8842, CVE-2020-10001)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
cups 2.1.3-4ubuntu0.11+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5454-2
https://ubuntu.com/security/notices/USN-5454-1
CVE-2019-8842, CVE-2020-10001, CVE-2022-26691

F40 proposal: Retire python3.7 (Self-Contained Change proposal)

https://fedoraproject.org/wiki/Changes/RetirePython3.7

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
The {{package|python3.7}} package will be retired without replacement
from [[Releases/40|Fedora Linux 40]]. Python 3.7 will be End of Life
in June 2023 and it will be kept around only to test software
targeting Debian 10 "Buster" LTS. The removal is more or less aligned
with [https://wiki.debian.org/LTS Debian 10 LTS EOL] (June 2024) --
Fedora 39 (the last one to include Python 3.7) will likely EOL on
2024-11-12.

== Owner ==
* Name: [[User:Churchyard|Miro Hrončok]]
* Email: mhroncok@redhat.com


== Detailed Description ==
The {{package|python3.7}} package with the Python interpreter in
version 3.7 will be kept in Fedora after upstream EOL
([https://devguide.python.org/#status-of-python-branches 2023-06-27])
only to make it possible for Fedora users to test their software
against the Python version shipped in Debian 10 "Buster" LTS.

[https://wiki.debian.org/LTS Debian 10 "Buster" LTS is End of Life in
2024-06]. This happens a couple of months after the planned release of
Fedora 40. Hence, we decided to retire (completely remove)
{{package|python3.7}} from Fedora 40, before it gets released. Users
who target Debian 10 can use Fedora 39 until it EOLs.

Note that {{package|python3.6}} will remain available for the
foreseeable future to support developers who target RHEL 8.

== Feedback ==
This was discussed on the Python list prior to submitting the change
proposal: https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org/thread/W74WYEVGYAE57KVLCG73I75LZYKKUMXS/

There was no pushback.

== Benefit to Fedora ==
There is no direct benefit here, except that we don't want to maintain
it anymore and we don't think it's a good idea either.

Consider this change proposal a louder orphaning, except that we will
continue to maintain the package in older released and supported
Fedoras (38 and 39). If you wish to continue maintaining Python 3.7 in
Fedora past Fedora Linux 40, please [[SIGs/Python|speak to us]] first.

== Scope ==
* Proposal owners: Retire {{package|python3.7}} from rawhide just
before Fedora 40 is branched. Obsolete it from
{{package|fedora-obsolete-packages}} if it causes troubles on
upgrades. Make sure no Fedora package depends on it in any way (incl.
weak dependencies).
* Other developers: N/A (not needed for this Change)
* Release engineering: N/A (not needed for this Change)
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives: N/A (not needed for this Change)


== Upgrade/compatibility impact ==
The package will no longer be available from the repositories, but it
may remain on existing installations. If it causes troubles on
upgrade, it needs to be obsoleted.

== How To Test ==
Install Fedora 40. Try to install Python 3.7 via dnf or similar means.
It should not be found.

== User Experience ==
No more Python 3.7 to test user software on.

== Dependencies ==
None.

== Contingency Plan ==
* Contingency mechanism: (What to do? Who will do it?) N/A (not a
System Wide Change)
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? N/A (not a System Wide Change), Yes/No


== Documentation ==
N/A (not a System Wide Change)



--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis

[USN-5451-1] InfluxDB vulnerability

==========================================================================
Ubuntu Security Notice USN-5451-1
May 31, 2022

influxdb vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

An InfluxDB vulnerability allowed attackers to login as any known
database user.

Software Description:
- influxdb: Scalable datastore for metrics, events, and real-time analytics

Details:

Ilya Averyanov discovered that an InfluxDB vulnerability allowed
attackers to bypass authentication and gain access to any known
database user.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
influxdb 1.6.4-1+deb10u1build0.20.04.1

Ubuntu 18.04 LTS:
influxdb 1.1.1+dfsg1-4+deb9u1ubuntu1

After a standard system update you need to restart the influxdb
service to make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5451-1
CVE-2019-20933


Package Information:
https://launchpad.net/ubuntu/+source/influxdb/1.6.4-1+deb10u1build0.20.04.1
https://launchpad.net/ubuntu/+source/influxdb/1.1.1+dfsg1-4+deb9u1ubuntu1

[USN-5454-1] CUPS vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5454-1
May 31, 2022

cups vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in CUPS.

Software Description:
- cups: Common UNIX Printing System(tm)

Details:

Joshua Mason discovered that CUPS incorrectly handled the secret key used
to access the administrative web interface. A remote attacker could
possibly use this issue to open a session as an administrator and execute
arbitrary code. (CVE-2022-26691)

It was discovered that CUPS incorrectly handled certain memory operations
when handling IPP printing. A remote attacker could possibly use this issue
to cause CUPS to crash, leading to a denial of service, or obtain sensitive
information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2019-8842, CVE-2020-10001)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
cups 2.4.1op1-1ubuntu4.1

Ubuntu 21.10:
cups 2.3.3op2-7ubuntu2.1

Ubuntu 20.04 LTS:
cups 2.3.1-9ubuntu1.2

Ubuntu 18.04 LTS:
cups 2.2.7-1ubuntu2.9

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5454-1
CVE-2019-8842, CVE-2020-10001, CVE-2022-26691

Package Information:
https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.1
https://launchpad.net/ubuntu/+source/cups/2.3.3op2-7ubuntu2.1
https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.2
https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu2.9

Ubuntu 21.10 (Impish Indri) reaches End of Life on July 14 2022

Ubuntu announced its 21.10 (Impish Indri) release almost 9 months
ago, on October 14, 2021, and its support period is now nearing its
end. Ubuntu 21.10 will reach end of life on July 14, 2022.

At that time, Ubuntu Security Notices will no longer include
information or updated packages for Ubuntu 21.10.

The supported upgrade path from Ubuntu 21.10 is via Ubuntu 22.04.
Instructions and caveats for the upgrade may be found at:

https://help.ubuntu.com/community/JammyUpgrades

Ubuntu 22.04 continues to be actively supported with security updates
and select high-impact bug fixes. Announcements of security updates
for Ubuntu releases are sent to the ubuntu-security-announce mailing
list, information about which may be found at:

https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Since its launch in October 2004 Ubuntu has become one of the most
highly regarded Linux distributions with millions of users in homes,
schools, businesses and governments around the world. Ubuntu is Open
Source software, costs nothing to download, and users are free to
customise or alter their software in order to meet their needs.

On behalf of the Ubuntu Release Team,

Łukasz 'sil2100' Zemczak



Monday, May 30, 2022

Fedora 34 is going EOL in one week

Hello all,

Fedora 34 will go end of life for updates and support on 2022-06-07.
No further updates, including security updates, will be
available for Fedora 34 after the said date. All the updates of Fedora
34 being pushed to stable will be stopped as well.

Fedora 35 will continue to receive updates until approximately one
month after the release of Fedora 37. The maintenance schedule of
Fedora releases is documented on the Fedora Project wiki [0]. The
Fedora Project wiki also contains instructions [1] on how to upgrade
from a previous release of Fedora to a version receiving updates.

Regards,
Fedora Release Engineering

[0] https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule
[1] https://fedoraproject.org/wiki/Upgrading?rd=DistributionUpgrades


--
Tomas Hrcka
role: CPE Team - Senior Software Engineer
fas: humaton
freenode: jednorozec

[USN-5446-2] dpkg vulnerability

==========================================================================
Ubuntu Security Notice USN-5446-2
May 30, 2022

dpkg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

A malicious source package could write files outside the unpack directory.

Software Description:
- dpkg: Debian package management system

Details:

USN-5446-1 fixed a vulnerability in dpkg. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Max Justicz discovered that dpkg incorrectly handled unpacking certain
source packages. If a user or an automated system were tricked into
unpacking a specially crafted source package, a remote attacker could
modify files outside the target unpack directory, leading to a denial of
service or potentially gaining access to the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
dpkg 1.18.4ubuntu1.7+esm1
libdpkg-perl 1.18.4ubuntu1.7+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5446-2
https://ubuntu.com/security/notices/USN-5446-1
CVE-2022-1664

[USN-5453-1] FreeType vulnerability

==========================================================================
Ubuntu Security Notice USN-5453-1
May 30, 2022

freetype vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

FreeType could be made to crash if it opened a specially crafted file.

Software Description:
- freetype: FreeType 2 is a font engine library

Details:

It was discovered that FreeType incorrectly handled certain font files.
An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libfreetype6 2.6.1-0.1ubuntu2.5+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5453-1
CVE-2022-27406

[USN-5452-1] NTFS-3G vulnerability

==========================================================================
Ubuntu Security Notice USN-5452-1
May 30, 2022

ntfs-3g vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

NTFS-3G could be made to crash or run programs if it opened a
specially crafted file.

Software Description:
- ntfs-3g: read/write NTFS driver for FUSE

Details:

It was discovered that NTFS-3G was incorrectly validating NTFS
metadata in its ntfsck tool by not performing boundary checks. A
local attacker could possibly use this issue to cause a denial of
service or to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  ntfs-3g                         1:2015.3.14AR.1-1ubuntu0.3+esm2
  ntfs-3g-dev                     1:2015.3.14AR.1-1ubuntu0.3+esm2

Ubuntu 14.04 ESM:
  ntfs-3g                         1:2013.1.13AR.1-2ubuntu2+esm2
  ntfs-3g-dev                     1:2013.1.13AR.1-2ubuntu2+esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5452-1
  CVE-2021-46790

[USN-5431-1] GnuPG vulnerability

==========================================================================
Ubuntu Security Notice USN-5431-1
May 30, 2022

gnupg2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

GnuPG could be made to stop responding.

Software Description:
- gnupg2: GNU privacy guard - a free PGP replacement

Details:

It was discovered that GnuPG was not properly processing keys
with large amounts of signatures. An attacker could possibly
use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  gnupg                           2.2.4-1ubuntu1.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5431-1
  CVE-2019-13050

Package Information:
  https://launchpad.net/ubuntu/+source/gnupg2/2.2.4-1ubuntu1.5

Orphaned packages looking for new maintainers

The following packages are orphaned and will be retired when they
are orphaned for six weeks, unless someone adopts them. If you know for sure
that the package should be retired, please do so now with a proper reason:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life

Note: If you received this mail directly you (co)maintain one of the affected
packages or a package that depends on one. Please adopt the affected package or
retire your depending package to avoid broken dependencies, otherwise your
package will fail to install and/or build when the affected package gets retired.

Request package ownership via the *Take* button in the left column on
https://src.fedoraproject.org/rpms/<pkgname>

Full report available at:
https://churchyard.fedorapeople.org/orphans-2022-05-30.txt
grep it for your FAS username and follow the dependency chain.

For human readable dependency chains,
see https://packager-dashboard.fedoraproject.org/
For all orphaned packages,
see https://packager-dashboard.fedoraproject.org/orphan

Package                                 (co)maintainers                      Status Change
================================================================================
caffeine                                hhorak, orphan                       4 weeks ago
compile-command-annotations             hhorak, orphan                       4 weeks ago
garmintools                             orphan                               2 weeks ago
golang-github-10gen-escaper             go-sig, orphan, panovotn             3 weeks ago
golang-github-3rf-mongo-lint            go-sig, jchaloup, orphan, panovotn   3 weeks ago
golang-github-jacobsa-oglematchers      go-sig, jchaloup, orphan             3 weeks ago
golang-github-spacemonkeygo-openssl     go-sig, orphan                       3 weeks ago
golang-github-xdg-stringprep            go-sig, orphan                       3 weeks ago
jsoup                                   mizdebsk, orphan                     5 weeks ago
kup                                     orphan                               2 weeks ago
libcsv                                  orphan                               1 weeks ago
libnjb                                  orphan                               2 weeks ago
librcc                                  orphan                               1 weeks ago
perl-Judy                               orphan                               1 weeks ago
perl-Log-Log4perl-Appender-Socket-UNIX  orphan                               1 weeks ago
perl-PerlIO-buffersize                  orphan                               1 weeks ago
python-readthedocs-sphinx-ext           jjames, orphan, python-sig           5 weeks ago
python-repoze-lru                       infra-sig, jcaratzas, orphan         0 weeks ago
rust-image-roll                         orphan, rust-sig                     5 weeks ago
unittest-cpp                            hobbes1069, kazade, orphan, raphgro  0 weeks ago

The following packages require above mentioned packages:
Depending on: garmintools (1), status change: 2022-05-09 (2 weeks ago)
GarminPlugin (maintained by: besser82)
GarminPlugin-0.3.27-16.fc36.src requires garmintools-devel = 0.10-21.fc36
GarminPlugin-0.3.27-16.fc36.x86_64 requires garmintools(x86-64) =
0.10-21.fc36, libgarmintools.so.4()(64bit)

Depending on: golang-github-xdg-stringprep (21), status change: 2022-05-06 (3
weeks ago)
golang-github-xdg-scram (maintained by: eclipseo, go-sig)
golang-github-xdg-scram-0-0.7.20190623git7eeb566.fc36.src requires
golang(github.com/xdg/stringprep) = 1.0.0-7.fc36
golang-github-xdg-scram-devel-0-0.7.20190623git7eeb566.fc36.noarch requires
golang(github.com/xdg/stringprep) = 1.0.0-7.fc36

golang-mongodb-mongo-driver (maintained by: eclipseo, go-sig)
golang-mongodb-mongo-driver-1.4.5-5.fc37.src requires
golang(github.com/xdg/scram) = 0-0.7.20190623git7eeb566.fc36,
golang(github.com/xdg/stringprep) = 1.0.0-7.fc36
golang-mongodb-mongo-driver-devel-1.4.5-5.fc37.noarch requires
golang(github.com/xdg/scram) = 0-0.7.20190623git7eeb566.fc36,
golang(github.com/xdg/stringprep) = 1.0.0-7.fc36

golang-github-segmentio-kafka (maintained by: eclipseo, go-sig)
golang-github-segmentio-kafka-0.4.8-4.fc36.src requires
golang(github.com/xdg/scram) = 0-0.7.20190623git7eeb566.fc36,
golang(go.mongodb.org/mongo-driver/mongo) = 1.4.5-5.fc37
golang-github-segmentio-kafka-devel-0.4.8-4.fc36.noarch requires
golang(github.com/xdg/scram) = 0-0.7.20190623git7eeb566.fc36

golang-github-shopify-sarama (maintained by: eclipseo, go-sig)
golang-github-shopify-sarama-1.27.2-4.fc36.src requires
golang(github.com/xdg/scram) = 0-0.7.20190623git7eeb566.fc36

golang-github-openapi-strfmt (maintained by: eclipseo, go-sig)
golang-github-openapi-strfmt-0.19.11-4.fc36.src requires
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/bsontype) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/primitive) = 1.4.5-5.fc37
golang-github-openapi-strfmt-devel-0.19.11-4.fc36.noarch requires
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/bsontype) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/primitive) = 1.4.5-5.fc37

golang-github-tonistiigi-opentelemetry-contrib (maintained by: eclipseo)

golang-github-tonistiigi-opentelemetry-contrib-0.21.0-6.20220207git9a56be1.fc37.src
requires golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(github.com/Shopify/sarama/mocks) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/bsontype) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/event) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo/options) = 1.4.5-5.fc37

golang-github-tonistiigi-opentelemetry-contrib-devel-0.21.0-6.20220207git9a56be1.fc37.noarch
requires golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/bsontype) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/event) = 1.4.5-5.fc37

golang-gocloud (maintained by: eclipseo, go-sig)
golang-gocloud-0.24.0-1.fc36~bootstrap.src requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/primitive) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo/options) = 1.4.5-5.fc37
golang-gocloud-devel-0.24.0-1.fc36~bootstrap.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/primitive) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo/options) = 1.4.5-5.fc37

golang-opentelemetry-contrib-0.20 (maintained by: eclipseo)
golang-opentelemetry-contrib-0.20-0.20.0-4.fc37.src requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(github.com/Shopify/sarama/mocks) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/event) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/mongo/options) = 1.4.5-5.fc37
golang-opentelemetry-contrib-0.20-devel-0.20.0-4.fc37.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/event) = 1.4.5-5.fc37

golang-opentelemetry-contrib (maintained by: eclipseo, go-sig)
golang-opentelemetry-contrib-devel-1.3.0-2.fc36.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36,
golang(go.mongodb.org/mongo-driver/bson) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/bson/bsontype) = 1.4.5-5.fc37,
golang(go.mongodb.org/mongo-driver/event) = 1.4.5-5.fc37

golang-github-influxdata-flux (maintained by: eclipseo, go-sig)
golang-github-influxdata-flux-0.100.1-4.fc36.src requires
golang(github.com/segmentio/kafka-go) = 0.4.8-4.fc36
golang-github-influxdata-flux-devel-0.100.1-4.fc36.noarch requires
golang(github.com/segmentio/kafka-go) = 0.4.8-4.fc36

cadvisor (maintained by: eparis, go-sig, jchaloup, lsm5)
cadvisor-0.40.0-3.fc36.src requires golang(github.com/Shopify/sarama) =
1.27.2-4.fc36
golang-github-google-cadvisor-devel-0.40.0-3.fc36.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36

golang-github-cockroachdb-cockroach (maintained by: eclipseo, go-sig)
golang-github-cockroachdb-cockroach-20.2.3-5.fc36.src requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36
golang-github-cockroachdb-cockroach-devel-20.2.3-5.fc36.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36

golang-github-openzipkin-zipkin (maintained by: eclipseo, go-sig, jchaloup)
golang-github-openzipkin-zipkin-0.2.5-4.fc36.src requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36
golang-github-openzipkin-zipkin-devel-0.2.5-4.fc36.noarch requires
golang(github.com/Shopify/sarama) = 1.27.2-4.fc36

golang-github-haproxytech-client-native (maintained by: bdperkin, go-sig)
golang-github-haproxytech-client-native-2.5.3-2.fc37.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-haproxytech-client-native-devel-2.5.3-2.fc37.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-haproxytech-dataplaneapi (maintained by: bdperkin, go-sig)
golang-github-haproxytech-dataplaneapi-2.4.4-3.fc37.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-haproxytech-dataplaneapi-devel-2.4.4-3.fc37.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-haproxytech-models (maintained by: bdperkin, go-sig)
golang-github-haproxytech-models-2.2.0-4.fc36.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-haproxytech-models-devel-2.2.0-4.fc36.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-openapi-analysis (maintained by: eclipseo, go-sig)
golang-github-openapi-analysis-0.19.16-4.fc36~bootstrap.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-openapi-analysis-devel-0.19.16-4.fc36~bootstrap.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-openapi-runtime (maintained by: eclipseo, go-sig)
golang-github-openapi-runtime-0.19.31-2.fc36.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-openapi-runtime-devel-0.19.31-2.fc36.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-openapi-runtime-middleware-devel-0.19.31-2.fc36.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-openapi-validate (maintained by: eclipseo, go-sig)
golang-github-openapi-validate-0.20.1-4.fc36.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-openapi-validate-devel-0.20.1-4.fc36.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-prometheus (maintained by: eclipseo, go-sig)
golang-github-prometheus-2.32.1-4.fc37.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-prometheus-devel-2.32.1-4.fc37.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

golang-github-prometheus-alertmanager (maintained by: eclipseo, go-sig)
golang-github-prometheus-alertmanager-0.23.0-8.fc37.src requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36
golang-github-prometheus-alertmanager-devel-0.23.0-8.fc37.noarch requires
golang(github.com/go-openapi/strfmt) = 0.19.11-4.fc36

Too many dependencies for golang-github-xdg-stringprep, not all listed here

Depending on: libcsv (1), status change: 2022-05-17 (1 weeks ago)
tellico (maintained by: alexlan, jamatos)
tellico-3.4.4-3.fc37.src requires libcsv-devel = 3.0.3-17.fc36
tellico-3.4.4-3.fc37.x86_64 requires libcsv.so.3()(64bit)

Depending on: python-readthedocs-sphinx-ext (2), status change: 2022-04-20 (5
weeks ago)
jpype (maintained by: raphgro)
jpype-1.3.0-2.fc36.src requires python3-readthedocs-sphinx-ext = 2.1.5-1.fc37

python-jaydebeapi (maintained by: kubo)
python3-jaydebeapi-1.2.3-6.fc36.noarch requires python3-jpype = 1.3.0-2.fc36,
python3.10dist(jpype1) = 1.3

Depending on: python-repoze-lru (47), status change: 2022-05-25 (0 weeks ago)
python-routes (maintained by: jcaratzas, kylev, mrunge, openstack-sig, python-sig)
python-routes-2.5.1-2.fc36.src requires python3dist(repoze-lru) = 0.7
python3-routes-2.5.1-2.fc36.noarch requires python3.10dist(repoze-lru) = 0.7

TurboGears2 (maintained by: cverna, ondrejj)
python3-TurboGears2-2.4.3-8.fc36.noarch requires python3-repoze-lru =
0.7-13.fc36, python3.10dist(repoze-lru) = 0.7

ceph (maintained by: branto, dmick, kkeithle, ktdreyer)
ceph-mgr-dashboard-2:17.2.0-5.fc37.noarch requires python3-routes = 2.5.1-2.fc36

zuul (maintained by: fbo, openstack-sig, zuul)
zuul-3.19.1-5.fc36.noarch requires python3.10dist(routes) = 2.5.1
zuul-3.19.1-5.fc36.src requires python3-routes = 2.5.1-2.fc36

samba (maintained by: abbra, anoopcs, asn, gd, iboukris, jarrpa, jlayton,
jstephen, obnox, pfilipen, simo)
ctdb-ceph-mutex-2:4.16.1-5.fc37.x86_64 requires librados.so.2()(64bit)
samba-vfs-cephfs-2:4.16.1-5.fc37.x86_64 requires libcephfs.so.2()(64bit)

fio (maintained by: sandeen)
fio-engine-rados-3.30-1.fc37.x86_64 requires librados.so.2()(64bit)
fio-engine-rbd-3.30-1.fc37.x86_64 requires librados.so.2()(64bit),
librbd.so.1()(64bit)

golang-github-ceph (maintained by: eclipseo, go-sig)
golang-github-ceph-0.7.0-3.fc35.src requires libcephfs-devel =
2:17.2.0-5.fc37, librados-devel = 2:17.2.0-5.fc37, librbd-devel = 2:17.2.0-5.fc37
golang-github-ceph-devel-0.7.0-3.fc35.noarch requires libcephfs-devel =
2:17.2.0-5.fc37, librados-devel = 2:17.2.0-5.fc37, librbd-devel = 2:17.2.0-5.fc37

libvirt (maintained by: berrange, clalance, crobinso, jforbes, laine,
libvirt-maint, osier, veillard, virtmaint-sig)
libvirt-daemon-driver-storage-rbd-8.3.0-1.fc37.x86_64 requires
librados.so.2()(64bit), librados.so.2(LIBRADOS_14.2.0)(64bit), librbd.so.1()(64bit)

nfs-ganesha (maintained by: dang, devos, kkeithle)
nfs-ganesha-ceph-4.0-5.fc37.x86_64 requires libcephfs.so.2()(64bit)
nfs-ganesha-rados-grace-4.0-5.fc37.x86_64 requires librados.so.2()(64bit)
nfs-ganesha-rados-urls-4.0-5.fc37.x86_64 requires librados.so.2()(64bit)
nfs-ganesha-rgw-4.0-5.fc37.x86_64 requires librgw.so.2()(64bit)
nfs-ganesha-4.0-5.fc37.i686 requires libwbclient.so.0,
libwbclient.so.0(WBCLIENT_0.9)
nfs-ganesha-4.0-5.fc37.src requires libwbclient-devel = 2:4.16.1-5.fc37
nfs-ganesha-4.0-5.fc37.x86_64 requires libwbclient.so.0()(64bit),
libwbclient.so.0(WBCLIENT_0.9)(64bit)

python-cradox (maintained by: jpena)
python-cradox-2.1.0-15.fc36.src requires librados2-devel = 2:17.2.0-5.fc37
python3-cradox-2.1.0-15.fc36.x86_64 requires librados.so.2()(64bit),
librados.so.2(LIBRADOS_14.2.0)(64bit)

qemu (maintained by: berrange, bonzini, crobinso, dwmw2, ehabkost, jforbes,
lkundrak, quintela, rjones, virtmaint-sig)
qemu-block-rbd-2:7.0.0-3.fc37.x86_64 requires librados.so.2()(64bit),
librbd.so.1()(64bit)

scsi-target-utils (maintained by: grover, michaelc, mlombard, terjeros)
scsi-target-utils-rbd-1.0.79-5.fc36.x86_64 requires librados.so.2()(64bit),
librbd.so.1()(64bit)

tcmu-runner (maintained by: mlombard)
tcmu-runner-1.5.4-4.fc36.src requires librbd-devel = 2:17.2.0-5.fc37
tcmu-runner-1.5.4-4.fc36.x86_64 requires librbd.so.1()(64bit)

xrootd (maintained by: ellert, simonm)
xrootd-ceph-1:5.4.2-3.fc37.x86_64 requires librados.so.2()(64bit),
librados.so.2(LIBRADOS_14.2.0)(64bit), libradosstriper.so.1()(64bit)

BackupPC (maintained by: hobbes1069)
BackupPC-4.4.0-6.fc36.x86_64 requires samba-client = 2:4.16.1-5.fc37

amanda (maintained by: jridky, pcahyna, tibbs)
amanda-3.5.1-33.fc36.src requires samba-client = 2:4.16.1-5.fc37

caja-extensions (maintained by: raveit65)
caja-share-1.26.0-3.fc36.x86_64 requires samba = 2:4.16.1-5.fc37

cifs-utils (maintained by: abbra, jlayton, ronniesahlberg, simo, sprabhu)
cifs-utils-6.15-1.fc37.src requires libwbclient-devel = 2:4.16.1-5.fc37
cifs-utils-6.15-1.fc37.x86_64 requires libwbclient.so.0()(64bit),
libwbclient.so.0(WBCLIENT_0.9)(64bit)

deepin-file-manager (maintained by: cheeselee, deepinde-sig, mosquito, zsun)
deepin-file-manager-5.5.10-3.fc37.i686 requires samba = 2:4.16.1-5.fc37
deepin-file-manager-5.5.10-3.fc37.x86_64 requires samba = 2:4.16.1-5.fc37

evolution-mapi (maintained by: asn, mbarnes, mcrha)
evolution-mapi-3.44.2-1.fc37.x86_64 requires libndr.so.2()(64bit),
libndr.so.2(NDR_0.0.1)(64bit), libsamba-util.so.0()(64bit),
libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit)

ffmpeg (maintained by: asn, ngompa, rathann)
ffmpeg-5.0.1-8.fc37.src requires pkgconfig(smbclient) = 0.7.0
libavformat-free-5.0.1-8.fc37.i686 requires libsmbclient.so.0,
libsmbclient.so.0(SMBCLIENT_0.1.0)
libavformat-free-5.0.1-8.fc37.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit)

fleet-commander-admin (maintained by: ogutierrez)
fleet-commander-admin-0.16.0-1.fc37.noarch requires python3-samba =
2:4.16.1-5.fc37
fleet-commander-admin-0.16.0-1.fc37.src requires python3-samba = 2:4.16.1-5.fc37

fleet-commander-client (maintained by: ogutierrez)
fleet-commander-client-0.15.0-11.fc36.noarch requires python3-samba =
2:4.16.1-5.fc37

freeipa (maintained by: abbra, ipa-maint, jhrozek, mkosek, pvoborni, rcritten,
simo, twoerner)
freeipa-client-samba-4.9.9-1.fc37.x86_64 requires python3-samba =
2:4.16.1-5.fc37, samba = 2:4.16.1-5.fc37, samba-client = 2:4.16.1-5.fc37,
samba-common-tools = 2:4.16.1-5.fc37, samba-winbind = 2:4.16.1-5.fc37
freeipa-server-4.9.9-1.fc37.x86_64 requires libndr-krb5pac.so.0()(64bit),
libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit), libndr-standard.so.0()(64bit),
libndr.so.2()(64bit), libndr.so.2(NDR_0.0.1)(64bit),
libsamba-errors.so.1()(64bit), libsamba-errors.so.1(SAMBA_ERRORS_1)(64bit),
libsamba-util.so.0()(64bit), libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit),
samba-client-libs = 2:4.16.1-5.fc37
freeipa-server-trust-ad-4.9.9-1.fc37.x86_64 requires
libndr-nbt.so.0()(64bit), libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit),
libndr.so.2()(64bit), libndr.so.2(NDR_0.0.1)(64bit),
libsamba-passdb.so.0()(64bit), libsamba-passdb.so.0(SAMBA_PASSDB_0.2.0)(64bit),
libsamba-util.so.0()(64bit), libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit),
libsmbconf.so.0()(64bit), libsmbconf.so.0(SMBCONF_0)(64bit),
libsmbldap.so.2()(64bit), libsmbldap.so.2(SMBLDAP_0)(64bit),
libsmbldap.so.2(SMBLDAP_1)(64bit), libsmbldap.so.2(SMBLDAP_2)(64bit),
python3-samba = 2:4.16.1-5.fc37, samba = 2:4.16.1-5.fc37, samba-winbind =
2:4.16.1-5.fc37

gnome-control-center (maintained by: gnome-sig, pwalter)
gnome-control-center-42.2-1.fc37.src requires pkgconfig(smbclient) = 0.7.0
gnome-control-center-42.2-1.fc37.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit)

gnome-vfs2 (maintained by: alexl, caillon, caolanm, gnome-sig, limb, mbarnes,
rhughes, rstrode, ssp)
gnome-vfs2-2.24.4-38.fc36.src requires libsmbclient-devel = 2:4.16.1-5.fc37
gnome-vfs2-smb-2.24.4-38.fc36.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit)

gssntlmssp (maintained by: simo)
gssntlmssp-1.1.0-1.fc37.src requires pkgconfig(wbclient) = 0.15
gssntlmssp-1.1.0-1.fc37.x86_64 requires libwbclient.so.0()(64bit),
libwbclient.so.0(WBCLIENT_0.12)(64bit), libwbclient.so.0(WBCLIENT_0.9)(64bit)

gvfs (maintained by: alexl, oholy)
gvfs-1.50.2-1.fc37.src requires libsmbclient-devel = 2:4.16.1-5.fc37
gvfs-smb-1.50.2-1.fc37.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.5.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.6.0)(64bit)

kde-print-manager (maintained by: jreznik, kde-sig, rdieter, than)
kde-print-manager-22.04.1-1.fc37.src requires samba-client = 2:4.16.1-5.fc37

kdebase3 (maintained by: jreznik, kkofler, rdieter, than)
kdebase3-3.5.10-71.fc36.src requires libsmbclient-devel = 2:4.16.1-5.fc37
kdebase3-3.5.10-71.fc36.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit)

kio-extras (maintained by: kde-sig, rdieter)
kio-extras-22.04.1-1.fc37.i686 requires libsmbclient.so.0,
libsmbclient.so.0(SMBCLIENT_0.1.0), libsmbclient.so.0(SMBCLIENT_0.2.3),
libsmbclient.so.0(SMBCLIENT_0.6.0)
kio-extras-22.04.1-1.fc37.src requires libsmbclient-devel = 2:4.16.1-5.fc37
kio-extras-22.04.1-1.fc37.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.2.3)(64bit),
libsmbclient.so.0(SMBCLIENT_0.6.0)(64bit)

libsoup (maintained by: alexl, caillon, caolanm, danw, gnome-sig, mbarnes,
mcrha, rhughes, rstrode, ssp, tpopela)
libsoup-2.74.2-2.fc36.src requires /usr/bin/ntlm_auth

libsoup3 (maintained by: gnome-sig, limb, mcrha)
libsoup3-3.0.6-2.fc37.src requires /usr/bin/ntlm_auth

mod_auth_ntlm_winbind (maintained by: buc)
mod_auth_ntlm_winbind-0.0.0-0.32.20070129svn713.fc36.x86_64 requires
samba-common = 2:4.16.1-5.fc37

nagios-plugins (maintained by: ignatenkobrain, nb, smooge, swilkerson, tartina)
nagios-plugins-2.4.0-6.fc37.src requires samba-client = 2:4.16.1-5.fc37
nagios-plugins-disk_smb-2.4.0-6.fc37.x86_64 requires /usr/bin/smbclient

ncid (maintained by: jlcjohn, moceap, sandeen)
ncid-samba-1.13-3.fc37.noarch requires samba-client = 2:4.16.1-5.fc37

nmbscan (maintained by: fab, lystor, rebus)
nmbscan-1.2.6-23.fc36.noarch requires samba-client = 2:4.16.1-5.fc37

openchange (maintained by: asn, gd, mbarnes, mcrha, simo)
openchange-2.3-40.fc36.i686 requires libdcerpc-binding.so.0,
libdcerpc-binding.so.0(DCERPC_BINDING_0.0.1), libdcerpc.so.0,
libdcerpc.so.0(DCERPC_0.0.1), libndr-standard.so.0,
libndr-standard.so.0(NDR_STANDARD_0.0.1), libndr.so.2, libndr.so.2(NDR_0.0.1),
libndr.so.2(NDR_0.0.6), libndr.so.2(NDR_0.2.0), libndr.so.2(NDR_1.0.0),
libndr.so.2(NDR_2.0.0), libsamba-credentials.so.1,
libsamba-credentials.so.1(SAMBA_CREDENTIALS_1.0.0), libsamba-hostconfig.so.0,
libsamba-hostconfig.so.0(SAMBA_HOSTCONFIG_0.0.1), libsamba-util.so.0,
libsamba-util.so.0(SAMBA_UTIL_0.0.1)
openchange-2.3-40.fc36.src requires samba-common = 2:4.16.1-5.fc37,
samba-devel = 2:4.16.1-5.fc37, samba-libs = 2:4.16.1-5.fc37, samba-pidl =
2:4.16.1-5.fc37
openchange-2.3-40.fc36.x86_64 requires libdcerpc-binding.so.0()(64bit),
libdcerpc-binding.so.0(DCERPC_BINDING_0.0.1)(64bit), libdcerpc.so.0()(64bit),
libdcerpc.so.0(DCERPC_0.0.1)(64bit), libndr-standard.so.0()(64bit),
libndr-standard.so.0(NDR_STANDARD_0.0.1)(64bit), libndr.so.2()(64bit),
libndr.so.2(NDR_0.0.1)(64bit), libndr.so.2(NDR_0.0.6)(64bit),
libndr.so.2(NDR_0.2.0)(64bit), libndr.so.2(NDR_1.0.0)(64bit),
libndr.so.2(NDR_2.0.0)(64bit), libsamba-credentials.so.1()(64bit),
libsamba-credentials.so.1(SAMBA_CREDENTIALS_1.0.0)(64bit),
libsamba-hostconfig.so.0()(64bit),
libsamba-hostconfig.so.0(SAMBA_HOSTCONFIG_0.0.1)(64bit),
libsamba-util.so.0()(64bit), libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit)
openchange-client-2.3-40.fc36.x86_64 requires
libdcerpc-binding.so.0()(64bit), libdcerpc.so.0()(64bit), libndr.so.2()(64bit),
libndr.so.2(NDR_0.0.1)(64bit), libsamba-credentials.so.1()(64bit),
libsamba-hostconfig.so.0()(64bit), libsamba-util.so.0()(64bit),
libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit)
openchange-devel-2.3-40.fc36.i686 requires pkgconfig(dcerpc) = 0.0.1,
pkgconfig(dcerpc_samr) = 0.0.1, pkgconfig(ndr) = 2.0.0,
pkgconfig(samba-hostconfig) = 0.0.1
openchange-devel-2.3-40.fc36.x86_64 requires pkgconfig(dcerpc) = 0.0.1,
pkgconfig(dcerpc_samr) = 0.0.1, pkgconfig(ndr) = 2.0.0,
pkgconfig(samba-hostconfig) = 0.0.1

php-icewind-smb2 (maintained by: remi)
php-icewind-smb2-2.0.7-7.fc36.noarch requires /usr/bin/smbclient

php-smbclient (maintained by: remi)
php-smbclient-1.0.6-5.fc36.src requires libsmbclient-devel = 2:4.16.1-5.fc37
php-smbclient-1.0.6-5.fc36.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.2.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.5.0)(64bit)

python-smbc (maintained by: twaugh, zdohnal)
python-smbc-1.0.23-5.fc36.src requires libsmbclient-devel = 2:4.16.1-5.fc37
python3-smbc-1.0.23-5.fc36.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.5.0)(64bit)

realmd (maintained by: sbose, stefw)
realmd-0.17.0-10.fc37.src requires samba-common-tools = 2:4.16.1-5.fc37

smb4k (maintained by: heliocastro, rdieter, sergiomb)
smb4k-3.1.2-1.fc37.i686 requires libsmbclient.so.0,
libsmbclient.so.0(SMBCLIENT_0.1.0), libsmbclient.so.0(SMBCLIENT_0.5.0),
samba-client = 2:4.16.1-5.fc37
smb4k-3.1.2-1.fc37.src requires libsmbclient-devel = 2:4.16.1-5.fc37
smb4k-3.1.2-1.fc37.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit),
libsmbclient.so.0(SMBCLIENT_0.5.0)(64bit), samba-client = 2:4.16.1-5.fc37

sssd (maintained by: abbra, asn, atikhonov, jhrozek, lslebodn, mzidek, nalin,
pbrezina, sbose, sgallagh, simo, sssd-maintainers)
sssd-2.7.0-1.fc37.src requires libsmbclient-devel = 2:4.16.1-5.fc37,
samba-devel = 2:4.16.1-5.fc37, samba-winbind = 2:4.16.1-5.fc37
sssd-ad-2.7.0-1.fc37.x86_64 requires libndr-krb5pac.so.0()(64bit),
libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit), libndr-nbt.so.0()(64bit),
libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit), libndr-standard.so.0()(64bit),
libndr.so.2()(64bit), libndr.so.2(NDR_0.0.1)(64bit),
libndr.so.2(NDR_0.0.6)(64bit), libndr.so.2(NDR_1.0.0)(64bit),
libsamba-util.so.0()(64bit), libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit), samba-client-libs = 2:4.16.1-5.fc37
sssd-common-pac-2.7.0-1.fc37.x86_64 requires libndr-krb5pac.so.0()(64bit),
libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit), libndr.so.2()(64bit),
libndr.so.2(NDR_0.0.1)(64bit)
sssd-ipa-2.7.0-1.fc37.x86_64 requires libndr-krb5pac.so.0()(64bit),
libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit), libndr-nbt.so.0()(64bit),
libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit), libndr-standard.so.0()(64bit),
libndr.so.2()(64bit), libndr.so.2(NDR_0.0.1)(64bit),
libsamba-util.so.0()(64bit), samba-client-libs = 2:4.16.1-5.fc37

wcm (maintained by: nalimilan, tieugene)
wcm-0.20.0-19.fc36.src requires pkgconfig(smbclient) = 0.7.0
wcm-0.20.0-19.fc36.x86_64 requires libsmbclient.so.0()(64bit),
libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit)

wine (maintained by: besser82, mooninite)
wine-7.9-1.fc37.i686 requires /usr/bin/ntlm_auth
wine-7.9-1.fc37.x86_64 requires /usr/bin/ntlm_auth

xmms2 (maintained by: spot, thomasj)
xmms2-0.8-80.fc36.src requires libsmbclient-devel = 2:4.16.1-5.fc37

Too many dependencies for python-repoze-lru, not all listed here

See dependency chains of your packages at
https://packager-dashboard.fedoraproject.org/
See all orphaned packages at https://packager-dashboard.fedoraproject.org/orphan

Affected (co)maintainers (either directly or via packages' dependencies):
abbra: python-repoze-lru
alexl: python-repoze-lru
alexlan: libcsv
anoopcs: python-repoze-lru
asn: python-repoze-lru
atikhonov: python-repoze-lru
bdperkin: golang-github-xdg-stringprep
berrange: python-repoze-lru
besser82: python-repoze-lru, garmintools
bonzini: python-repoze-lru
branto: python-repoze-lru
buc: python-repoze-lru
caillon: python-repoze-lru
caolanm: python-repoze-lru
cheeselee: python-repoze-lru
clalance: python-repoze-lru
crobinso: python-repoze-lru
cverna: python-repoze-lru
dang: python-repoze-lru
danw: python-repoze-lru
deepinde-sig: python-repoze-lru
devos: python-repoze-lru
dmick: python-repoze-lru
dwmw2: python-repoze-lru
eclipseo: python-repoze-lru, golang-github-xdg-stringprep
ehabkost: python-repoze-lru
ellert: python-repoze-lru
eparis: golang-github-xdg-stringprep
fab: python-repoze-lru
fbo: python-repoze-lru
gd: python-repoze-lru
gnome-sig: python-repoze-lru
go-sig: golang-github-10gen-escaper, golang-github-3rf-mongo-lint,
golang-github-jacobsa-oglematchers, golang-github-xdg-stringprep,
python-repoze-lru, golang-github-spacemonkeygo-openssl
grover: python-repoze-lru
heliocastro: python-repoze-lru
hhorak: caffeine, compile-command-annotations
hobbes1069: unittest-cpp, python-repoze-lru
iboukris: python-repoze-lru
ignatenkobrain: python-repoze-lru
infra-sig: python-repoze-lru
ipa-maint: python-repoze-lru
jamatos: libcsv
jarrpa: python-repoze-lru
jcaratzas: python-repoze-lru
jchaloup: golang-github-xdg-stringprep, golang-github-3rf-mongo-lint,
golang-github-jacobsa-oglematchers
jforbes: python-repoze-lru
jhrozek: python-repoze-lru
jjames: python-readthedocs-sphinx-ext
jlayton: python-repoze-lru
jlcjohn: python-repoze-lru
jpena: python-repoze-lru
jreznik: python-repoze-lru
jridky: python-repoze-lru
jstephen: python-repoze-lru
kazade: unittest-cpp
kde-sig: python-repoze-lru
kkeithle: python-repoze-lru
kkofler: python-repoze-lru
ktdreyer: python-repoze-lru
kubo: python-readthedocs-sphinx-ext
kylev: python-repoze-lru
laine: python-repoze-lru
libvirt-maint: python-repoze-lru
limb: python-repoze-lru
lkundrak: python-repoze-lru
lslebodn: python-repoze-lru
lsm5: golang-github-xdg-stringprep
lystor: python-repoze-lru
mbarnes: python-repoze-lru
mcrha: python-repoze-lru
michaelc: python-repoze-lru
mizdebsk: jsoup
mkosek: python-repoze-lru
mlombard: python-repoze-lru
moceap: python-repoze-lru
mooninite: python-repoze-lru
mosquito: python-repoze-lru
mrunge: python-repoze-lru
mzidek: python-repoze-lru
nalimilan: python-repoze-lru
nalin: python-repoze-lru
nb: python-repoze-lru
ngompa: python-repoze-lru
obnox: python-repoze-lru
ogutierrez: python-repoze-lru
oholy: python-repoze-lru
ondrejj: python-repoze-lru
openstack-sig: python-repoze-lru
osier: python-repoze-lru
panovotn: golang-github-3rf-mongo-lint, golang-github-10gen-escaper
pbrezina: python-repoze-lru
pcahyna: python-repoze-lru
pfilipen: python-repoze-lru
pvoborni: python-repoze-lru
pwalter: python-repoze-lru
python-sig: python-repoze-lru, python-readthedocs-sphinx-ext
quintela: python-repoze-lru
raphgro: unittest-cpp, python-readthedocs-sphinx-ext
rathann: python-repoze-lru
raveit65: python-repoze-lru
rcritten: python-repoze-lru
rdieter: python-repoze-lru
rebus: python-repoze-lru
remi: python-repoze-lru
rhughes: python-repoze-lru
rjones: python-repoze-lru
ronniesahlberg: python-repoze-lru
rstrode: python-repoze-lru
rust-sig: rust-image-roll
sandeen: python-repoze-lru
sbose: python-repoze-lru
sergiomb: python-repoze-lru
sgallagh: python-repoze-lru
simo: python-repoze-lru
simonm: python-repoze-lru
smooge: python-repoze-lru
spot: python-repoze-lru
sprabhu: python-repoze-lru
ssp: python-repoze-lru
sssd-maintainers: python-repoze-lru
stefw: python-repoze-lru
swilkerson: python-repoze-lru
tartina: python-repoze-lru
terjeros: python-repoze-lru
than: python-repoze-lru
thomasj: python-repoze-lru
tibbs: python-repoze-lru
tieugene: python-repoze-lru
tpopela: python-repoze-lru
twaugh: python-repoze-lru
twoerner: python-repoze-lru
veillard: python-repoze-lru
virtmaint-sig: python-repoze-lru
zdohnal: python-repoze-lru
zsun: python-repoze-lru
zuul: python-repoze-lru

--
The script creating this output is run and developed by Fedora
Release Engineering. Please report issues at its pagure instance:
https://pagure.io/releng/
The sources of this script can be found at:
https://pagure.io/releng/blob/main/f/scripts/find_unblocked_orphans.py

Report finished at 2022-05-30 06:24:14 UTC

Thursday, May 26, 2022

[USN-5450-1] Subversion vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5450-1
May 27, 2022

subversion vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in subversion.

Software Description:
- subversion: Advanced version control system

Details:

Evgeny Kotkov discovered that subversion servers did not properly follow
path-based authorization rules in certain cases. An attacker could
potentially use this issue to retrieve information about private paths.
(CVE-2021-28544)

Thomas Weißschuh discovered that subversion servers did not properly handle
memory in certain configurations. A remote attacker could potentially use
this issue to cause a denial of service or other unspecified impact.
(CVE-2022-24070)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
libapache2-mod-svn 1.14.1-3ubuntu0.22.04.1
libsvn1 1.14.1-3ubuntu0.22.04.1
subversion 1.14.1-3ubuntu0.22.04.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5450-1
CVE-2021-28544, CVE-2022-24070

Package Information:
https://launchpad.net/ubuntu/+source/subversion/1.14.1-3ubuntu0.22.04.1

[USN-5449-1] libXv vulnerability

==========================================================================
Ubuntu Security Notice USN-5449-1
May 26, 2022

libxv vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

libXv could be made to crash or run programs if it received specially
crafted input.

Software Description:
- libxv: X11 Video extension library

Details:

It was discovered that libXv incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libxv1 2:1.0.10-1ubuntu0.16.04.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5449-1
CVE-2016-5407

[USN-5448-1] ncurses vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5448-1
May 26, 2022

ncurses vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in ncurses.

Software Description:
- ncurses: shared libraries for terminal handling (32-bit)

Details:

It was discovered that ncurses was not properly checking array bounds
when executing the fmt_entry function, which could result in an
out-of-bounds write. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2017-10684)

It was discovered that ncurses was not properly checking user input,
which could result in it being treated as a format argument. An
attacker could possibly use this issue to expose sensitive
information or to execute arbitrary code. (CVE-2017-10685)

It was discovered that ncurses was incorrectly performing memory
management operations and was not blocking access attempts to
illegal memory locations. An attacker could possibly use this issue
to cause a denial of service. (CVE-2017-11112, CVE-2017-13729,
CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733,
CVE-2017-13734)

It was discovered that ncurses was not properly performing checks
on pointer values before attempting to access the related memory
locations, which could lead to NULL pointer dereferencing. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2017-11113)

It was discovered that ncurses was incorrectly handling loops in
libtic, which could lead to the execution of an infinite loop. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2017-13728)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  lib32ncurses5                   6.0+20160213-1ubuntu1+esm1
  lib32ncursesw5                  6.0+20160213-1ubuntu1+esm1
  lib32tinfo5                     6.0+20160213-1ubuntu1+esm1
  lib64ncurses5                   6.0+20160213-1ubuntu1+esm1
  lib64tinfo5                     6.0+20160213-1ubuntu1+esm1
  libncurses5                     6.0+20160213-1ubuntu1+esm1
  libncursesw5                    6.0+20160213-1ubuntu1+esm1
  libtinfo5                       6.0+20160213-1ubuntu1+esm1
  libx32ncurses5                  6.0+20160213-1ubuntu1+esm1
  libx32ncursesw5                 6.0+20160213-1ubuntu1+esm1
  libx32tinfo5                    6.0+20160213-1ubuntu1+esm1
  ncurses-base                    6.0+20160213-1ubuntu1+esm1
  ncurses-bin                     6.0+20160213-1ubuntu1+esm1
  ncurses-term                    6.0+20160213-1ubuntu1+esm1

Ubuntu 14.04 ESM:
  lib32ncurses5                   5.9+20140118-1ubuntu1+esm1
  lib32ncursesw5                  5.9+20140118-1ubuntu1+esm1
  lib32tinfo5                     5.9+20140118-1ubuntu1+esm1
  lib64ncurses5                   5.9+20140118-1ubuntu1+esm1
  lib64tinfo5                     5.9+20140118-1ubuntu1+esm1
  libncurses5                     5.9+20140118-1ubuntu1+esm1
  libncursesw5                    5.9+20140118-1ubuntu1+esm1
  libtinfo5                       5.9+20140118-1ubuntu1+esm1
  libx32ncurses5                  5.9+20140118-1ubuntu1+esm1
  libx32ncursesw5                 5.9+20140118-1ubuntu1+esm1
  libx32tinfo5                    5.9+20140118-1ubuntu1+esm1
  ncurses-base                    5.9+20140118-1ubuntu1+esm1
  ncurses-bin                     5.9+20140118-1ubuntu1+esm1
  ncurses-term                    5.9+20140118-1ubuntu1+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5448-1
  CVE-2017-10684, CVE-2017-10685, CVE-2017-11112, CVE-2017-11113,
  CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731,
  CVE-2017-13732, CVE-2017-13733, CVE-2017-13734

F37 proposal: Return Cloud Base to Edition Status (System-Wide Change proposal)

https://fedoraproject.org/wiki/Changes/RestoreCloudEdition

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.

== Summary ==
Cloud '''should''' be listed on getfedora.org with Workstation, Server
and IoT. The petition to reinstate the Cloud Base as an official
Edition is based on the clear identification of unique environmental
support requirements for private hyperscaler and public cloud
environments not specifically addressed by other Editions.

== Owner ==
* Name: [https://pagure.io/cloud-sig Fedora Cloud SIG]
* Name: [[User:davdunc| David Duncan]]
* Email: davdunc@amazon.com


== Detailed Description ==
The cloud base as an edition is plastic in a way that is appropriate
to match the various virtual environments on which it is capable of
running. There has been a lot of work explored here and a lot of
writing done to find that next level. In previous years, we had lots
of multi-cloud aspirations that couldn't be fulfilled, but they can be
now and we want to ensure availability and ease of use. The Fedora
Cloud Base image is uniquely focused on supporting cloud and other
fail-only environments.

== Feedback ==
See the discussion here:
https://discussion.fedoraproject.org/t/fedora-cloud-edition-not-an-edition-and-the-future/34064/23

Some specific feedback received was that we could potentially deploy
images of Fedora Workstation or Fedora Server to accomplish the same
tasks that are accomplished with Fedora Cloud Base, but that is
generally incorrect. Cloud specific workloads are not meant to be used
in the same way as these other editions except under specific
circumstances. Cloud specific configurations favor automated
deployments with monitoring and logging handled to some degree through
remote services. They are meant to be deployed sparingly and then to
increase in numbers for scalability.

These images should be able to handle virtualization for many
different workloads. The use of graphical environments or Server roles
satisfies only highly specialized cloud experiences.

== Benefit to Fedora ==
Cloud is a base, it has variations that work in different
environments, but it supports work that is not related to the "Just
enough" position of FCOS and extends the surface for experimental
workloads at the base operating system layers. The Cloud working group
has a very dedicated group of supporters who find value beyond the
requirements of the other editions. With the adoption of btrfs in this
most recent release there was much stir over how it could fit so well
and yet diverge so much from ''Container'' exclusive like those of
FCOS or ''Server'' goals, further accenting this dividing line.

That introduces the highlights for the reasons Fedora Cloud Base fits as an
[https://docs.fedoraproject.org/en-US/council/policy/edition-promotion-policy/
Edition]. The cloud base as an edition is plastic in a way that is
appropriate to match the various virtual environments on which it is
capable of running. There has been a lot of work explored here and a
lot of writing done to find that next level. In previous years, we had
lots of multi-cloud aspirations that couldn't be fulfilled, but they
can be now and we want to ensure availability and ease of use.

== Scope ==
* Proposal owners: [[Cloud/Cloud_PRD|Cloud PRD]] and
[[CloudBase/Technical_Specification|Technical Specification]] updates
are in process to ensure that we provide sufficient roadmap and
technical specification to confirm alignment with the Fedora Project
overall and especially that we are aligned with the Cloud Base users
and established infrastructure providers.

* Other developers: Web changes will need to be made to accommodate the
publication of links and some artwork will need to be created to align
with current Project design.

* Release engineering: [https://pagure.io/releng/issues #Releng issue
number] `TBD`
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: https://pagure.io/Fedora-Council/tickets/issue/397
* Alignment with Objectives:


== Upgrade/compatibility impact ==
In restoring the Cloud edition to the official Edition status, we
eliminate any issues. It is with the downgrade to edition status where
there will be an impact. The release information will have to be
modified to remove the edition identifiers and this may cause an
impact to current users.

== How To Test ==
Standard QA testing and evaluation methods apply for QA Compose.


== User Experience ==
This may change where Fedora Cloud Base Images are located in the web
portal, but it will most likely be simpler to discover the images
themselves.

== Dependencies ==
There are no currently known dependencies for this.

== Contingency Plan ==
* Contingency mechanism: Remove the
* Contingency deadline: 2022-10-18
* Blocks release? This is not a release blocker

If this is not approved for F37, we will roll forward to F38 and
prepare as required. There is no technical change in the image build
requirements.

== Documentation ==

Documentation is currently in the wiki for the [[Cloud|working group]]
and the [[Cloud SIG]] and is in the process of a series of updates
to be moved to the [[DocsProject|Fedora Docs]] format.

== Release Notes ==
''Fedora Cloud Base Edition''
Announcing the promotion of the Fedora Cloud Base to official status
as a Fedora Edition. Fedora Cloud Base Images can now be found from
https://getfedora.org


--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis

[USN-5402-2] OpenSSL vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5402-2
May 26, 2022

openssl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in OpenSSL.

Software Description:
- openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)

Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libssl1.0.0 1.0.2g-1ubuntu4.20+esm3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5402-2
https://ubuntu.com/security/notices/USN-5402-1
CVE-2022-1292, CVE-2022-1473

[USN-5447-1] logrotate vulnerability

==========================================================================
Ubuntu Security Notice USN-5447-1
May 26, 2022

logrotate vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10

Summary:

logrotate could be made to stop processing log files.

Software Description:
- logrotate: Log rotation utility

Details:

It was discovered that logrotate incorrectly handled the state file. A
local attacker could possibly use this issue to keep a lock on the state
file and cause logrotate to stop working, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
logrotate 3.19.0-1ubuntu1.1

Ubuntu 21.10:
logrotate 3.18.0-2ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5447-1
CVE-2022-1348

Package Information:
https://launchpad.net/ubuntu/+source/logrotate/3.19.0-1ubuntu1.1
https://launchpad.net/ubuntu/+source/logrotate/3.18.0-2ubuntu1.1

[USN-5446-1] dpkg vulnerability

==========================================================================
Ubuntu Security Notice USN-5446-1
May 26, 2022

dpkg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

A malicious source package could write files outside the unpack directory.

Software Description:
- dpkg: Debian package management system

Details:

Max Justicz discovered that dpkg incorrectly handled unpacking certain
source packages. If a user or an automated system were tricked into
unpacking a specially crafted source package, a remote attacker could
modify files outside the target unpack directory, leading to a denial of
service or potentially gaining access to the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
dpkg 1.21.1ubuntu2.1
libdpkg-perl 1.21.1ubuntu2.1

Ubuntu 21.10:
dpkg 1.20.9ubuntu2.2
libdpkg-perl 1.20.9ubuntu2.2

Ubuntu 20.04 LTS:
dpkg 1.19.7ubuntu3.2
libdpkg-perl 1.19.7ubuntu3.2

Ubuntu 18.04 LTS:
dpkg 1.19.0.5ubuntu2.4
libdpkg-perl 1.19.0.5ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5446-1
CVE-2022-1664

Package Information:
https://launchpad.net/ubuntu/+source/dpkg/1.21.1ubuntu2.1
https://launchpad.net/ubuntu/+source/dpkg/1.20.9ubuntu2.2
https://launchpad.net/ubuntu/+source/dpkg/1.19.7ubuntu3.2
https://launchpad.net/ubuntu/+source/dpkg/1.19.0.5ubuntu2.4

[USN-5445-1] Subversion vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5445-1
May 26, 2022

subversion vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in subversion.

Software Description:
- subversion: Advanced version control system

Details:

Ace Olszowka discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserve to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2018-11782)

Tomas Bortoli discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserve to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2019-0203)

Thomas Åkesson discovered that Subversion incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-17525)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libapache2-mod-svn 1.13.0-3ubuntu0.2
libsvn1 1.13.0-3ubuntu0.2
subversion 1.13.0-3ubuntu0.2

Ubuntu 18.04 LTS:
libapache2-mod-svn 1.9.7-4ubuntu1.1
libsvn1 1.9.7-4ubuntu1.1
subversion 1.9.7-4ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5445-1
CVE-2018-11782, CVE-2019-0203, CVE-2020-17525

Package Information:
https://launchpad.net/ubuntu/+source/subversion/1.13.0-3ubuntu0.2
https://launchpad.net/ubuntu/+source/subversion/1.9.7-4ubuntu1.1

Tuesday, May 24, 2022

[USN-5404-2] Rsyslog vulnerability

==========================================================================
Ubuntu Security Notice USN-5404-2
May 24, 2022

rsyslog vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Rsyslog could be made to crash if it received a specially crafted request.

Software Description:
- rsyslog: Enhanced syslogd

Details:

USN-5404-1 addressed a vulnerability in Rsyslog. This update
provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Pieter Agten discovered that Rsyslog incorrectly handled certain
requests. An attacker could possibly use this issue to cause a crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
rsyslog 8.16.0-1ubuntu3.1+esm2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5404-2
https://ubuntu.com/security/notices/USN-5404-1
CVE-2022-24903
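
The "Update instructions" in the notices above give the fixed package version for each release. As an added example (not part of any notice), this Python sketch applies Debian version ordering to flag installed packages that still sort below the fixed versions from USN-5402-2 and USN-5404-2. The installed inventory is constructed sample data, and the function names are this example's own.

```python
import re
from itertools import zip_longest

def _order(c):
    """Sort weight of one non-digit character; '' stands for end of string."""
    if c == "":
        return 0
    if c == "~":
        return -1                      # '~' sorts before everything, even the end
    return ord(c) if c.isalpha() else ord(c) + 256   # letters before other symbols

def _cmp_part(a, b):
    """Compare two upstream or revision strings by alternating text/number runs."""
    pairs = lambda s: re.findall(r"([^0-9]*)([0-9]*)", s)
    for (ta, na), (tb, nb) in zip_longest(pairs(a), pairs(b), fillvalue=("", "")):
        for ca, cb in zip_longest(ta, tb, fillvalue=""):
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(na or 0) != int(nb or 0):          # an empty digit run counts as 0
            return int(na or 0) - int(nb or 0)
    return 0

def _split(v):
    """Split 'epoch:upstream-revision'; epoch defaults to 0, revision to ''."""
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, sep, rev = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (rev if sep else "")

def compare(a, b):
    """Negative if a sorts before b, 0 if equal, positive if after."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

# Fixed versions copied from USN-5402-2 and USN-5404-2 (Ubuntu 16.04 ESM).
FIXED = {"libssl1.0.0": "1.0.2g-1ubuntu4.20+esm3",
         "rsyslog": "8.16.0-1ubuntu3.1+esm2"}

def still_vulnerable(installed, fixed=FIXED):
    """Names of installed packages whose version sorts before the fixed one."""
    return sorted(p for p, v in installed.items()
                  if p in fixed and compare(v, fixed[p]) < 0)

if __name__ == "__main__":
    # Constructed inventory, e.g. from: dpkg-query -W -f '${Package} ${Version}\n'
    installed = {"libssl1.0.0": "1.0.2g-1ubuntu4.20+esm2",
                 "rsyslog": "8.16.0-1ubuntu3.1+esm2",
                 "bash": "4.3-14ubuntu1.4"}
    print(still_vulnerable(installed))
```

On a live system, `dpkg --compare-versions` performs the same ordering and is the authoritative check.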