Fedora Linux 8814 Published by

An annobin security update has been released for Fedora 36.



SECURITY: Fedora 36 Update: annobin-10.57-3.fc36


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-42ea499a7d
2022-03-17 18:37:10.061250
--------------------------------------------------------------------------------

Name : annobin
Product : Fedora 36
Version : 10.57
Release : 3.fc36
URL : None
Summary : Annotate and examine compiled binary files
Description :
This package contains the tools needed to annotate binary files created by
compilers, and also the tools needed to examine those annotations.

One of the tools is a plugin for GCC that records information about the
security options that were in effect when the binary was compiled.

Note - the plugin is automatically enabled in gcc builds via flags
provided by the redhat-rpm-macros package.


One of the tools is a plugin for Clang that records information about the
security options that were in effect when the binary was compiled.


One of the tools is a plugin for LLVM that records information about the
security options that were in effect when the binary was compiled.


One of the tools is a security checker which analyses the notes present in
annotated files and reports on any missing security options.

--------------------------------------------------------------------------------
Update Information:

This update provides the latest release of Firefox, with many bug fixes
including critical security issues. It also includes updates to gcc and annobin
which were necessary to build Firefox, with the following fixes: * fix up
promoted SUBREG handling (#2045160, PR rtl-optimization/104839) * fix up check
for asm goto (PR rtl-optimization/104777) * Upstream bugs
(  http://gcc.gnu.org/PRNNNNN) fixed: 70077, 79493, 80270, 84519, 87496, 88134,
90148, 91384, 96526, 99297, 99555, 99585, 100400, 100407, 100541, 100757,
101325, 101636, 101983, 102276, 102429, 103037, 103302, 103443, 103521, 103836,
103845, 103856, 103984, 104061, 104121, 104131, 104132, 104133, 104154, 104208,
104381, 104430, 104434, 104489, 104529, 104533, 104540, 104550, 104552, 104558,
104573, 104589, 104601, 104602, 104618, 104619, 104627, 104633, 104637, 104644,
104648, 104656, 104659, 104664, 104667, 104674, 104675, 104676, 104677, 104679,
104681, 104682, 104686, 104687, 104698, 104700, 104704, 104715, 104716, 104721,
104724, 104725, 104726, 104727, 104728, 104730, 104732, 104736, 104748, 104757,
104758, 104761, 104775, 104779, 104781, 104782, 104784, 104791, 104794, 104797,
104807, 104825, 104838
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 9 2022 Jakub Jelinek - 10.57-3
- NVR bump to allow rebuild for new GCC.
* Wed Mar 9 2022 Jakub Jelinek - 10.57-2
- NVR bump to allow rebuild for new GCC.
* Mon Mar 7 2022 Nick Clifton - 10.57-1
- Annocheck: Update documentation and fix typo in annocheck. (#2061291)
* Fri Mar 4 2022 Nick Clifton - 10.56-1
- Annocheck: Add option to enable/disable following symbolic links.
* Mon Feb 28 2022 Nick Clifton - 10.55-1
- Always identify Rust binaries, even if built on a host that does not know about Rust. (#2057737)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2045160 - Cython: FTBFS in Fedora rawhide/f36 ppc64le
  https://bugzilla.redhat.com/show_bug.cgi?id=2045160
[ 2 ] Bug #2045380 - firefox: FTBFS in Fedora rawhide/f36
  https://bugzilla.redhat.com/show_bug.cgi?id=2045380
[ 3 ] Bug #2045404 - game-music-emu: FTBFS in Fedora rawhide/f36
  https://bugzilla.redhat.com/show_bug.cgi?id=2045404
[ 4 ] Bug #2056613 - gcc-12.0.1-0.8.fc36 gives wrong -Wdangling-pointer warnings related to `for(;;)`
  https://bugzilla.redhat.com/show_bug.cgi?id=2056613
[ 5 ] Bug #2057193 - f36 composes still have firefox 96, f34 f35 have firefox 97
  https://bugzilla.redhat.com/show_bug.cgi?id=2057193
[ 6 ] Bug #2057492 - internal compiler error by kstars build with gcc-12.0.1-0.8.fc37.ppc64le
  https://bugzilla.redhat.com/show_bug.cgi?id=2057492
[ 7 ] Bug #2060755 - Firefox: GCC 12 linking error
  https://bugzilla.redhat.com/show_bug.cgi?id=2060755
[ 8 ] Bug #2063961 - Fedora ARM - Firefox fails to open on aarch64 Workstation
  https://bugzilla.redhat.com/show_bug.cgi?id=2063961
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-42ea499a7d' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________