Fedora 36: FEDORA-2022-42ea499a7d Critical Annobin Security Update

This package contains the tools needed to annotate binary files created by

compilers, and also the tools needed to examine those annotations.

One of the tools is a plugin for GCC that records information about the

security options that were in effect when the binary was compiled.

Note - the plugin is automatically enabled in gcc builds via flags

provided by the redhat-rpm-macros package.

One of the tools is a plugin for Clang that records information about the

security options that were in effect when the binary was compiled.

One of the tools is a plugin for LLVM that records information about the

security options that were in effect when the binary was compiled.

One of the tools is a security checker which analyses the notes present in

annotated files and reports on any missing security options.

This update provides the latest release of Firefox, with many bug fixes

including critical security issues. It also includes updates to gcc and annobin

which were necessary to build Firefox, with the following fixes: * fix up

promoted SUBREG handling (#2045160, PR rtl-optimization/104839) * fix up check

for asm goto (PR rtl-optimization/104777) * Upstream bugs

() fixed: 70077, 79493, 80270, 84519, 87496, 88134,

90148, 91384, 96526, 99297, 99555, 99585, 100400, 100407, 100541, 100757,

101325, 101636, 101983, 102276, 102429, 103037, 103302, 103443, 103521, 103836,

103845, 103856, 103984, 104061, 104121, 104131, 104132, 104133, 104154, 104208,

104381, 104430, 104434, 104489, 104529, 104533, 104540, 104550, 104552, 104558,

104573, 104589, 104601, 104602, 104618, 104619, 104627, 104633, 104637, 104644,

104648, 104656, 104659, 104664, 104667, 104674, 104675, 104676, 104677, 104679,

104681, 104682, 104686, 104687, 104698, 104700, 104704, 104715, 104716, 104721,

104724, 104725, 104726, 104727, 104728, 104730, 104732, 104736, 104748, 104757,

104758, 104761, 104775, 104779, 104781, 104782, 104784, 104791, 104794, 104797,

104807, 104825, 104838

* Wed Mar 9 2022 Jakub Jelinek - 10.57-3

- NVR bump to allow rebuild for new GCC.

* Wed Mar 9 2022 Jakub Jelinek - 10.57-2

- NVR bump to allow rebuild for new GCC.

* Mon Mar 7 2022 Nick Clifton - 10.57-1

- Annocheck: Update documentation and fix typo in annocheck. (#2061291)

* Fri Mar 4 2022 Nick Clifton - 10.56-1

- Annocheck: Add option to enable/disable following symbolic links.

* Mon Feb 28 2022 Nick Clifton - 10.55-1

- Always identify Rust binaries, even if built on a host that does not know about Rust. (#2057737)

[ 1 ] Bug #2045160 - Cython: FTBFS in Fedora rawhide/f36 ppc64le

https://bugzilla.redhat.com/show_bug.cgi?id=2045160

[ 2 ] Bug #2045380 - firefox: FTBFS in Fedora rawhide/f36

https://bugzilla.redhat.com/show_bug.cgi?id=2045380

[ 3 ] Bug #2045404 - game-music-emu: FTBFS in Fedora rawhide/f36

https://bugzilla.redhat.com/show_bug.cgi?id=2045404

[ 4 ] Bug #2056613 - gcc-12.0.1-0.8.fc36 gives wrong -Wdangling-pointer warnings related to `for(;;)`

https://bugzilla.redhat.com/show_bug.cgi?id=2056613

[ 5 ] Bug #2057193 - f36 composes still have firefox 96, f34 f35 have firefox 97

https://bugzilla.redhat.com/show_bug.cgi?id=2057193

[ 6 ] Bug #2057492 - internal compiler error by kstars build with gcc-12.0.1-0.8.fc37.ppc64le

https://bugzilla.redhat.com/show_bug.cgi?id=2057492

[ 7 ] Bug #2060755 - Firefox: GCC 12 linking error

https://bugzilla.redhat.com/show_bug.cgi?id=2060755

[ 8 ] Bug #2063961 - Fedora ARM - Firefox fails to open on aarch64 Workstation

https://bugzilla.redhat.com/show_bug.cgi?id=2063961

su -c 'dnf upgrade --advisory FEDORA-2022-42ea499a7d' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure