{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Security fix for CVE-2021-30473\nSecurity fix for CVE-2021-30475", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-06-13 16:53:07", "date_modified": null, "date_approved": null, "date_testing": "2021-06-14 01:31:36", "date_stable": "2021-06-29 00:34:11", "alias": "FEDORA-EPEL-2021-49226a1ff0", "test_gating_status": "ignored", "from_tag": "epel7-build-side-42575", "date_pushed": "2021-06-29 00:34:11", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-EPEL-2021-49226a1ff0", "title": "aom-3.1.1-1.el7", "version_hash": "859fe32791267a8bd9a8636a2c968d50614f71fe", "release": {"name": "EPEL-7", "long_name": "Fedora EPEL 7", "version": "7", "id_prefix": "FEDORA-EPEL", "branch": "epel7", "dist_tag": "epel7", "stable_tag": "epel7", "testing_tag": "epel7-testing", "candidate_tag": "epel7-testing-candidate", "pending_signing_tag": "epel7-signing-pending", "pending_testing_tag": "epel7-testing-pending", "pending_stable_tag": "epel7-pending", "override_tag": "epel7-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-06-13 16:53:07", "update_id": 317275, "user_id": 91, "id": 2086244, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by bodhi. ", "timestamp": "2021-06-13 16:57:56", "update_id": 317275, "user_id": 91, "id": 2086253, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-06-13 16:57:56", "update_id": 317275, "user_id": 91, "id": 2086254, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-06-14 01:31:46", "update_id": 317275, "user_id": 91, "id": 2086432, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2021-06-28 01:34:15", "update_id": 317275, "user_id": 91, "id": 2102016, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "bug_feedback": [{"karma": 0, "comment_id": 2102419, "bug_id": 1954337, "bug": {"bug_id": 1954337, "title": "aom-3.1.1 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1961375, "bug": {"bug_id": 1961375, "title": "CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap", "security": true, "parent": true}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1961377, "bug": {"bug_id": 1961377, "title": "CVE-2021-30473 aom: libaom: aom_image.c in libaom frees memory that is not located on the heap [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1968017, "bug": {"bug_id": 1968017, "title": "CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c", "security": true, "parent": true}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1968020, "bug": {"bug_id": 1968020, "title": "CVE-2021-30475 aom: libaom: Buffer overflow in aom_dsp/noise_model.c [epel-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2021-06-29 00:34:22", "update_id": 317275, "user_id": 91, "id": 2102988, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "aom-3.1.1-1.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1954337, "title": "aom-3.1.1 is available", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 2088027, "bug_id": 1954337, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-06-15 06:03:42", "update_id": 317272, "user_id": 4120, "id": 2088027, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2093786, "bug_id": 1954337, "comment": {"karma": 1, "karma_critpath": 0, "text": "No issues.\n\nTested on fedora workstation vm running in gnome box with allocated 20gib hdd and 2.5gib ram. Host OS is Fedora workstation running on 10th gen intel i3 processor, 8gib ram and 1TB hdd(HP 240 G8 laptop).", "timestamp": "2021-06-19 07:13:23", "update_id": 317272, "user_id": 6474, "id": 2093786, "testcase_feedback": [], "user": {"name": "sammy", "email": "samar.vaishampayan@gmail.com", "id": 6474, "avatar": "https://seccdn.libravatar.org/avatar/082345be737266f3418d8dc87292b44ede18e8f9e933bdb2bab4400c653d4adb?s=24&d=retro", "openid": "sammy.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 2090240, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "this will have caused gimp, and hence Python 2.x and GTK+ 2.x, to be installed for quite a lot of people :( See https://pagure.io/releng/failed-composes/issue/2568#comment-737981 . I'll send out a jpegxl update to prevent it, once it goes stable at least.", "timestamp": "2021-06-16 16:07:59", "update_id": 317272, "user_id": 302, "id": 2090240, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090241, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "Even if packages in some third party repos are rebuilt, that doesn't really make it not a problem. You are not supposed to bump sonames in stable release updates unless it's unavoidable. Security fixes should be backported. This is in the [updates policy](https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#stable-releases) : \"ABI changes in general are very strongly discouraged, they force larger update sets on users and they make life difficult for third-party packagers.\"...\"Package maintainers MUST: Avoid Major version updates, AI breakage, or API changes if at all possible\".", "timestamp": "2021-06-16 16:11:44", "update_id": 317273, "user_id": 302, "id": 2090241, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2091304, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "@sergiomb It's been unpushed at rpmfusion, I now consider f33 as EOL and wont be doing the overrides and rebuilds again.", "timestamp": "2021-06-17 10:16:27", "update_id": 317273, "user_id": 153, "id": 2091304, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2087266, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "Can you either add those dependant pkgs to f33-override too, or remove the aom override?  Otherwise, some koji has a broken dependency currently building f33 targets:\ngstreamer: DEBUG util.py:444: - nothing provides libaom.so.2()(64bit) needed by gstreamer1-plugins-bad-free-1.18.2-1.fc33.x86_64 \n", "timestamp": "2021-06-14 15:57:07", "update_id": 317273, "user_id": 155, "id": 2087266, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 1, "comment_id": 2090057, "bug_id": 1954337, "comment": {"karma": 1, "karma_critpath": 0, "text": "@ppisar  https://mirror.netsite.dk/rpmfusion/free/fedora/updates/testing/33/x86_64/repoview/index.html", "timestamp": "2021-06-16 11:59:42", "update_id": 317273, "user_id": 153, "id": 2090057, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2090365, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "Sorry about that, I didn't realise that putting it in weak deps would bring the whole Gimp suite during composes,", "timestamp": "2021-06-16 17:52:55", "update_id": 317272, "user_id": 3743, "id": 2090365, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2091293, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "Now that we rebuilt all, please go forward and push it ", "timestamp": "2021-06-17 10:10:03", "update_id": 317273, "user_id": 271, "id": 2091293, "testcase_feedback": [], "user": {"name": "sergiomb", "email": "sergio@serjux.com", "id": 271, "avatar": "https://seccdn.libravatar.org/avatar/cb1e1c02b91fca7534374ad3e77409014e4c30c6de47356f36099793f08cc1de?s=24&d=retro", "openid": "sergiomb.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "clamav"}, {"name": "multimedia-sig"}]}}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1954337, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}, {"karma": 0, "comment_id": 2087356, "bug_id": 1954337, "comment": {"karma": 1, "karma_critpath": 0, "text": "no issues", "timestamp": "2021-06-14 17:03:14", "update_id": 317272, "user_id": 316, "id": 2087356, "testcase_feedback": [], "user": {"name": "buc", "email": "dmitry@butskoy.name", "id": 316, "avatar": "https://seccdn.libravatar.org/avatar/2fe8616e456a3cda09f709c1dabbe7ed36c9cb5ce456592ae39b5782132b5fb8?s=24&d=retro", "openid": "buc.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2088712, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "I expired the override causing broken deps,\nhttps://bodhi.fedoraproject.org/overrides/aom-3.1.1-1.fc33", "timestamp": "2021-06-15 14:31:49", "update_id": 317273, "user_id": 155, "id": 2088712, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 0, "comment_id": 2090242, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "Also, this introduces the problem from https://pagure.io/releng/failed-composes/issue/2568#comment-737981 to stable releases; by adding a dependency on jpegxl it ultimately causes the default desktop package sets to pull in gimp, which pulls in Python 2 and GTK+ 2. That's not good. This ship has already sailed for F34 and Rawhide, but I will edit this update to include a jpegxl build with the offending Recommends: removed to avoid it happening to F33 as well.", "timestamp": "2021-06-16 16:13:11", "update_id": 317273, "user_id": 302, "id": 2090242, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090364, "bug_id": 1954337, "comment": {"karma": 0, "karma_critpath": 0, "text": "> Security fixes should be backported.\n\nThe code has changed over two major versions, backporting it was not trivial, One of the security issue being considered high made me choose this way.", "timestamp": "2021-06-16 17:46:24", "update_id": 317273, "user_id": 3743, "id": 2090364, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}]}, {"bug_id": 1961375, "title": "CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 2088027, "bug_id": 1961375, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-06-15 06:03:42", "update_id": 317272, "user_id": 4120, "id": 2088027, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2093786, "bug_id": 1961375, "comment": {"karma": 1, "karma_critpath": 0, "text": "No issues.\n\nTested on fedora workstation vm running in gnome box with allocated 20gib hdd and 2.5gib ram. Host OS is Fedora workstation running on 10th gen intel i3 processor, 8gib ram and 1TB hdd(HP 240 G8 laptop).", "timestamp": "2021-06-19 07:13:23", "update_id": 317272, "user_id": 6474, "id": 2093786, "testcase_feedback": [], "user": {"name": "sammy", "email": "samar.vaishampayan@gmail.com", "id": 6474, "avatar": "https://seccdn.libravatar.org/avatar/082345be737266f3418d8dc87292b44ede18e8f9e933bdb2bab4400c653d4adb?s=24&d=retro", "openid": "sammy.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 2090240, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "this will have caused gimp, and hence Python 2.x and GTK+ 2.x, to be installed for quite a lot of people :( See https://pagure.io/releng/failed-composes/issue/2568#comment-737981 . I'll send out a jpegxl update to prevent it, once it goes stable at least.", "timestamp": "2021-06-16 16:07:59", "update_id": 317272, "user_id": 302, "id": 2090240, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090241, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "Even if packages in some third party repos are rebuilt, that doesn't really make it not a problem. You are not supposed to bump sonames in stable release updates unless it's unavoidable. Security fixes should be backported. This is in the [updates policy](https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#stable-releases) : \"ABI changes in general are very strongly discouraged, they force larger update sets on users and they make life difficult for third-party packagers.\"...\"Package maintainers MUST: Avoid Major version updates, AI breakage, or API changes if at all possible\".", "timestamp": "2021-06-16 16:11:44", "update_id": 317273, "user_id": 302, "id": 2090241, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2091304, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "@sergiomb It's been unpushed at rpmfusion, I now consider f33 as EOL and wont be doing the overrides and rebuilds again.", "timestamp": "2021-06-17 10:16:27", "update_id": 317273, "user_id": 153, "id": 2091304, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2087266, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "Can you either add those dependant pkgs to f33-override too, or remove the aom override?  Otherwise, some koji has a broken dependency currently building f33 targets:\ngstreamer: DEBUG util.py:444: - nothing provides libaom.so.2()(64bit) needed by gstreamer1-plugins-bad-free-1.18.2-1.fc33.x86_64 \n", "timestamp": "2021-06-14 15:57:07", "update_id": 317273, "user_id": 155, "id": 2087266, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 1, "comment_id": 2090057, "bug_id": 1961375, "comment": {"karma": 1, "karma_critpath": 0, "text": "@ppisar  https://mirror.netsite.dk/rpmfusion/free/fedora/updates/testing/33/x86_64/repoview/index.html", "timestamp": "2021-06-16 11:59:42", "update_id": 317273, "user_id": 153, "id": 2090057, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2090365, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "Sorry about that, I didn't realise that putting it in weak deps would bring the whole Gimp suite during composes,", "timestamp": "2021-06-16 17:52:55", "update_id": 317272, "user_id": 3743, "id": 2090365, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2091293, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "Now that we rebuilt all, please go forward and push it ", "timestamp": "2021-06-17 10:10:03", "update_id": 317273, "user_id": 271, "id": 2091293, "testcase_feedback": [], "user": {"name": "sergiomb", "email": "sergio@serjux.com", "id": 271, "avatar": "https://seccdn.libravatar.org/avatar/cb1e1c02b91fca7534374ad3e77409014e4c30c6de47356f36099793f08cc1de?s=24&d=retro", "openid": "sergiomb.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "clamav"}, {"name": "multimedia-sig"}]}}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1961375, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}, {"karma": 0, "comment_id": 2087356, "bug_id": 1961375, "comment": {"karma": 1, "karma_critpath": 0, "text": "no issues", "timestamp": "2021-06-14 17:03:14", "update_id": 317272, "user_id": 316, "id": 2087356, "testcase_feedback": [], "user": {"name": "buc", "email": "dmitry@butskoy.name", "id": 316, "avatar": "https://seccdn.libravatar.org/avatar/2fe8616e456a3cda09f709c1dabbe7ed36c9cb5ce456592ae39b5782132b5fb8?s=24&d=retro", "openid": "buc.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2088712, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "I expired the override causing broken deps,\nhttps://bodhi.fedoraproject.org/overrides/aom-3.1.1-1.fc33", "timestamp": "2021-06-15 14:31:49", "update_id": 317273, "user_id": 155, "id": 2088712, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 0, "comment_id": 2090242, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "Also, this introduces the problem from https://pagure.io/releng/failed-composes/issue/2568#comment-737981 to stable releases; by adding a dependency on jpegxl it ultimately causes the default desktop package sets to pull in gimp, which pulls in Python 2 and GTK+ 2. That's not good. This ship has already sailed for F34 and Rawhide, but I will edit this update to include a jpegxl build with the offending Recommends: removed to avoid it happening to F33 as well.", "timestamp": "2021-06-16 16:13:11", "update_id": 317273, "user_id": 302, "id": 2090242, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090364, "bug_id": 1961375, "comment": {"karma": 0, "karma_critpath": 0, "text": "> Security fixes should be backported.\n\nThe code has changed over two major versions, backporting it was not trivial, One of the security issue being considered high made me choose this way.", "timestamp": "2021-06-16 17:46:24", "update_id": 317273, "user_id": 3743, "id": 2090364, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}]}, {"bug_id": 1961377, "title": "CVE-2021-30473 aom: libaom: aom_image.c in libaom frees memory that is not located on the heap [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2102419, "bug_id": 1961377, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}]}, {"bug_id": 1968017, "title": "CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 2088027, "bug_id": 1968017, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-06-15 06:03:42", "update_id": 317272, "user_id": 4120, "id": 2088027, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2093786, "bug_id": 1968017, "comment": {"karma": 1, "karma_critpath": 0, "text": "No issues.\n\nTested on fedora workstation vm running in gnome box with allocated 20gib hdd and 2.5gib ram. Host OS is Fedora workstation running on 10th gen intel i3 processor, 8gib ram and 1TB hdd(HP 240 G8 laptop).", "timestamp": "2021-06-19 07:13:23", "update_id": 317272, "user_id": 6474, "id": 2093786, "testcase_feedback": [], "user": {"name": "sammy", "email": "samar.vaishampayan@gmail.com", "id": 6474, "avatar": "https://seccdn.libravatar.org/avatar/082345be737266f3418d8dc87292b44ede18e8f9e933bdb2bab4400c653d4adb?s=24&d=retro", "openid": "sammy.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 2090240, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "this will have caused gimp, and hence Python 2.x and GTK+ 2.x, to be installed for quite a lot of people :( See https://pagure.io/releng/failed-composes/issue/2568#comment-737981 . I'll send out a jpegxl update to prevent it, once it goes stable at least.", "timestamp": "2021-06-16 16:07:59", "update_id": 317272, "user_id": 302, "id": 2090240, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090241, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Even if packages in some third party repos are rebuilt, that doesn't really make it not a problem. You are not supposed to bump sonames in stable release updates unless it's unavoidable. Security fixes should be backported. This is in the [updates policy](https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#stable-releases) : \"ABI changes in general are very strongly discouraged, they force larger update sets on users and they make life difficult for third-party packagers.\"...\"Package maintainers MUST: Avoid Major version updates, AI breakage, or API changes if at all possible\".", "timestamp": "2021-06-16 16:11:44", "update_id": 317273, "user_id": 302, "id": 2090241, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2091304, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "@sergiomb It's been unpushed at rpmfusion, I now consider f33 as EOL and wont be doing the overrides and rebuilds again.", "timestamp": "2021-06-17 10:16:27", "update_id": 317273, "user_id": 153, "id": 2091304, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2087266, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Can you either add those dependant pkgs to f33-override too, or remove the aom override?  Otherwise, some koji has a broken dependency currently building f33 targets:\ngstreamer: DEBUG util.py:444: - nothing provides libaom.so.2()(64bit) needed by gstreamer1-plugins-bad-free-1.18.2-1.fc33.x86_64 \n", "timestamp": "2021-06-14 15:57:07", "update_id": 317273, "user_id": 155, "id": 2087266, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 1, "comment_id": 2090057, "bug_id": 1968017, "comment": {"karma": 1, "karma_critpath": 0, "text": "@ppisar  https://mirror.netsite.dk/rpmfusion/free/fedora/updates/testing/33/x86_64/repoview/index.html", "timestamp": "2021-06-16 11:59:42", "update_id": 317273, "user_id": 153, "id": 2090057, "testcase_feedback": [], "user": {"name": "leigh123linux", "email": "leigh123linux@googlemail.com", "id": 153, "avatar": "https://seccdn.libravatar.org/avatar/bc7e6a3ecec56e135abde432394bdac40420ac92a9bb2e2a9aed5e41cd3aea18?s=24&d=retro", "openid": "leigh123linux.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2090365, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Sorry about that, I didn't realise that putting it in weak deps would bring the whole Gimp suite during composes,", "timestamp": "2021-06-16 17:52:55", "update_id": 317272, "user_id": 3743, "id": 2090365, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 2091293, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Now that we rebuilt all, please go forward and push it ", "timestamp": "2021-06-17 10:10:03", "update_id": 317273, "user_id": 271, "id": 2091293, "testcase_feedback": [], "user": {"name": "sergiomb", "email": "sergio@serjux.com", "id": 271, "avatar": "https://seccdn.libravatar.org/avatar/cb1e1c02b91fca7534374ad3e77409014e4c30c6de47356f36099793f08cc1de?s=24&d=retro", "openid": "sergiomb.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "clamav"}, {"name": "multimedia-sig"}]}}}, {"karma": 0, "comment_id": 2102419, "bug_id": 1968017, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}, {"karma": 0, "comment_id": 2087356, "bug_id": 1968017, "comment": {"karma": 1, "karma_critpath": 0, "text": "no issues", "timestamp": "2021-06-14 17:03:14", "update_id": 317272, "user_id": 316, "id": 2087356, "testcase_feedback": [], "user": {"name": "buc", "email": "dmitry@butskoy.name", "id": 316, "avatar": "https://seccdn.libravatar.org/avatar/2fe8616e456a3cda09f709c1dabbe7ed36c9cb5ce456592ae39b5782132b5fb8?s=24&d=retro", "openid": "buc.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2088712, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "I expired the override causing broken deps,\nhttps://bodhi.fedoraproject.org/overrides/aom-3.1.1-1.fc33", "timestamp": "2021-06-15 14:31:49", "update_id": 317273, "user_id": 155, "id": 2088712, "testcase_feedback": [], "user": {"name": "rdieter", "email": "rdieter@gmail.com", "id": 155, "avatar": "https://seccdn.libravatar.org/avatar/e00cfde0448d2d8a114d4ec742fd1981de0a23cab380b73bafea35a78bc0c663?s=24&d=retro", "openid": "rdieter.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "kde-sig"}, {"name": "lxqt-sig"}, {"name": "gitthemes"}, {"name": "gitkde"}, {"name": "svnfedora-kde-artwork"}, {"name": "gitfedora-mate"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "epel-wranglers"}, {"name": "ambassadors"}, {"name": "scitech_sig"}, {"name": "gitlivecd"}, {"name": "svnkde-settings"}, {"name": "scitech"}, {"name": "ipausers"}, {"name": "designteam"}]}}}, {"karma": 0, "comment_id": 2090242, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Also, this introduces the problem from https://pagure.io/releng/failed-composes/issue/2568#comment-737981 to stable releases; by adding a dependency on jpegxl it ultimately causes the default desktop package sets to pull in gimp, which pulls in Python 2 and GTK+ 2. That's not good. This ship has already sailed for F34 and Rawhide, but I will edit this update to include a jpegxl build with the offending Recommends: removed to avoid it happening to F33 as well.", "timestamp": "2021-06-16 16:13:11", "update_id": 317273, "user_id": 302, "id": 2090242, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2090364, "bug_id": 1968017, "comment": {"karma": 0, "karma_critpath": 0, "text": "> Security fixes should be backported.\n\nThe code has changed over two major versions, backporting it was not trivial, One of the security issue being considered high made me choose this way.", "timestamp": "2021-06-16 17:46:24", "update_id": 317273, "user_id": 3743, "id": 2090364, "testcase_feedback": [], "user": {"name": "eclipseo", "email": "zebob.m@gmail.com", "id": 3743, "avatar": "https://seccdn.libravatar.org/avatar/d39b265ba4de0763d7a95d149ca7ee52cc5ff3e3a3dc13eecee1652927748f2b?s=24&d=retro", "openid": "eclipseo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "rust-sig"}]}}}]}, {"bug_id": 1968020, "title": "CVE-2021-30475 aom: libaom: Buffer overflow in aom_dsp/noise_model.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2102419, "bug_id": 1968020, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works together with xine-lib-1.2.11-3.el7.x86_64", "timestamp": "2021-06-28 12:24:52", "update_id": 317275, "user_id": 172, "id": 2102419, "testcase_feedback": [], "user": {"name": "robert", "email": "redhat@linuxnetz.de", "id": 172, "avatar": "https://seccdn.libravatar.org/avatar/5ce2f7b6de1c95bdf5b1d0f117f568f9955a164c0916ea7552b5db21bf3e689a?s=24&d=retro", "openid": "robert.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "ambassadors"}, {"name": "campusambassadors"}, {"name": "gitfedora-web"}, {"name": "fedora-contributor"}, {"name": "advocates"}, {"name": "fedorabugs"}, {"name": "gitsecurity-spin"}, {"name": "signed_fpca"}, {"name": "gitfama"}, {"name": "epel-packagers-sig"}, {"name": "web"}, {"name": "clamav"}]}}}]}], "updateid": "FEDORA-EPEL-2021-49226a1ff0", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}