Security fix for CVE-2024-1048
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2024-097eb22907
Please login to add feedback.
This update has been submitted for testing by nfrayer.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'failed'.
So, the reason this failed tests is a bit unique. They're failing on a sanity check in the openQA tests: it checks whether the test actually has a newer version of the package installed than is present in the update under test, and if so, it flags that as a problem. Usually what that means is that, somehow, a newer package already got pushed stable, and pushing the update-under-test stable would move the package backwards, but that's not how it is in this case.
In this case, the openQA server base image is actually hacked up to use a grub2 build from a side repo (https://adamwill.fedorapeople.org/grubxfs-repo/ ), which I rather arbitrarily versioned grub2-2.06-118.fc39. So it's higher-versioned than the one in this update, so it triggers the failure.
The reason why I'm doing that is https://bugzilla.redhat.com/show_bug.cgi?id=2259266 (which current affects F39). If I let the openQA server base image use the current stable grub2 package, it doesn't boot because of that bug.
So...it would make things much easier if this update fixed that bug, is what I'm saying. :P Otherwise I'll have to do a hack like disabling the check just for this update so it can go through.
I thought that bug was supposed to be getting fixed last week; what's the current status, @nfrayer ?
This update has been pushed to testing.
works
ok here
Working here OK.
Works.
my UEFI Workstation boots fine on Thinkpad P1 gen3
@nfrayer said he would add a fix for the XFS issue, but I don't see it yet.
Given that this is a security fix and doesn't make things worse than they are at present, let's waive the failures and get it pushed stable.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'passed'.
This update can be pushed to stable now if the maintainer wishes
adamwill edited this update.
New build(s):
Removed build(s):
Karma has been reset.
This update has been submitted for testing by adamwill.
This update's test gating status has been changed to 'waiting'.
adamwill edited this update.
adamwill edited this update.
This update's test gating status has been changed to 'passed'.
OK, the "XFS-/boot-always-fails-on-BIOS" bug should be fixed with -118, nfrayer put the patch back. This does mean the bug it was intended to cause (which breaks boot for a different, less common set of circumstances) is back.
This update has been pushed to testing.
Working fine here.
Intel NUC NUC13ANHi7 (NUC13ANHi7000) (rev N11225-207) 1 x 13th Gen Intel(R) Core(TM) i7-1360P Intel Corporation Raptor Lake-P [Iris Xe Graphics] (rev 04)
This update can be pushed to stable now if the maintainer wishes
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'passed'.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
As @adamwill metioned, this update reintroduced an issue that was fixed by removing one of the XFS patch. A fix is being reviewed upstream and will be merged in Fedora as soon as it'll accepted.