I installed the following packages:

sudo dnf install https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-1.9.5p2-1.fc33.x86_64.rpm https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-python-plugin-1.9.5p2-1.fc33.x86_64.rpm

=> rpm -q sudo says "sudo-1.9.5p2-1.fc33.x86_64"

Vulnerability check using (cd /; sudoedit -s '\' xxxxxxxxxxxx) command: * Before: "sudoedit: malloc.c:2394: sysmalloc: Assertion (...) failed." * After: "usage: sudoedit [-AknS] [-r role] (...)"

sudo --version: * Before: Sudo version 1.9.5p1 * After: Sudo version 1.9.5p2

Note: but I failed to test the update in the usual way, "sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2cb63d912a" doesn't find any update.

I confirm that python37-3.7.8-1.fc32.x86_64 fix LIBPL:

$ python3.7 -c "import distutils.sysconfig; print(distutils.sysconfig.get_config_var('LIBPL'))" /usr/lib64/python3.7/config-3.7m-x86_64-linux-gnu

$ python3.7 -c "import sysconfig; print(sysconfig.get_config_var('LIBPL'))" /usr/lib64/python3.7/config-3.7m-x86_64-linux-gnu

Note: I installed the package using "sudo dnf install https://kojipkgs.fedoraproject.org//packages/python37/3.7.8/1.fc32/x86_64/python37-3.7.8-1.fc32.x86_64.rpm".

I confirm that python36-3.6.11-1.fc32.x86_64 fix the AbstractBasicAuthHandler vulnerability. I checked with https://pypi.org/project/check-python-vuln/ tool (which now says that all checked vulnerabilities are fixed).

I also confirm that LIBPL is fixed:

$ python3.6 -c "import distutils.sysconfig; print(distutils.sysconfig.get_config_var('LIBPL'))" /usr/lib64/python3.6/config-3.6m-x86_64-linux-gnu

$ python3.6 -c "import sysconfig; print(sysconfig.get_config_var('LIBPL'))" /usr/lib64/python3.6/config-3.6m-x86_64-linux-gnu

Note: I installed the package using "sudo dnf install https://kojipkgs.fedoraproject.org//packages/python36/3.6.11/1.fc32/x86_64/python36-3.6.11-1.fc32.x86_64.rpm". The dnf update didn't work yet.

I tested manually and I confirm that the upgrade fix "python3.7-config --configdir": the path now contains "/lib64/".

The upgrade fix the issue: "python3.7-config --configdir" returns /usr/lib64/python3.7/config-3.7m-x86_64-linux-gnu ("lib64" is correct, previously it was "lib").

The upgrade fix the issue: "python3.6-config --configdir" returns /usr/lib64/python3.6/config-3.6m-x86_64-linux-gnu ("lib64" is correct, previously it was "lib").

The upgrade fix the issue: "python3.6-config --configdir" returns /usr/lib64/python3.6/config-3.6m-x86_64-linux-gnu ("lib64" is correct, previously it was "lib").

Without this fix, Firefox prevented me to access lwn.net and netflix.com. With this fix, i can access these websites again!

I'm not sure if the system accounted my vote after I added my second comment. Just I case, I vote again.

More info in my original bug reports:

Firefox with Wayland crash on wl_abort() when selecting more than 4000 characters in a <textarea>: https://bugzilla.mozilla.org/show_bug.cgi?id=1539773</p> <p>On Wayland, notify_surrounding_text() crash on wl_abort() if text is longer than 4000 bytes: https://gitlab.gnome.org/GNOME/gtk/issues/1783</p></div></textarea>

My test: run "MOZ_ENABLE_WAYLAND=1 firefox" (I have MOZ_ENABLE_WAYLAND=1 in /etc/environment), go to https://en.wikipedia.org/wiki/GTK : select all text & copy it, go to http://paste.alacon.org/ and paste the text in the textarea. Then select again the text => Firefox exit immediately with gtk3-3.24.1-2.fc29.

Using gtk3-3.24.1-3.fc29, Firefox no longer crash. Good!