CVE fixes for 2022-06-06
Includes: CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
Moderate/high, some network access. Update!
Upstream disclosure with more information: https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2022-27932fdd06
This update has been submitted for testing by rharwood.
This update's test gating status has been changed to 'waiting'.
rharwood edited this update.
This update's test gating status has been changed to 'failed'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'failed'.
This update has been pushed to testing.
Works.
tested on armv7/aarch64/x86_64
The openQA failure here is interesting: somehow, with the new grub2 builds (this affects F35, F36 and Rawhide), anaconda's required space calculation changes. We run the affected test with a 10G disk, and with the new grub2, anaconda thinks it needs more than 10G for KDE and GNOME live installs. With older grub2, it thinks 10G is enough space.
I don't know exactly what changed. anaconda thinks it's 700-800M short, so I don't think the change is as simple as "grub2 got that much bigger", because at a quick check none of the packages is close to that size.
I'm going to run a few checks manually and see if I can figure out what's going on.
Note that anaconda's calculation here is completely wrong anyway, but it's still concerning that it thinks 10G is OK before this update but not after it, and I'd like to figure out why that is rather than just bumping the test's disk size or whatever.
No regressions found
After digging into it some more I couldn't really figure out what's going on, but the package doesn't seem to do anything egregious to make stuff bigger. So I'm just going to bump the disk size used in openQA as I don't really have anything else practical to do here. Will do that and re-run the affected tests.
This update's test gating status has been changed to 'passed'.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
This update has been pushed to stable.