1
1
submitted 5 months ago* (last edited 5 months ago) by Archaeopteryx@kbin.social to c/openSUSE@kbin.social

Welcome to the monthly update for openSUSE Tumbleweed for May 2024. This month has seen a significant number of updates, enhancements, and crucial security fixes. Whether you are a developer, a system administrator, or a casual user, these updates are designed to enhance your experience and ensure the highest level of security and performance.

Should readers desire a more frequent amount of information about snapshot updates, readers are encouraged to subscribe to the openSUSE Factory mailing list.

Let’s go!

New Features and Enhancements

  • Linux Kernel 6.9.1: The month of May had a couple updates for the Kernel, but so far remains at version 6.9.1, which addresses various issues and enhancing overall stability. The mt76 driver for wifi saw improvements with the addition of missing chanctx operations for the mt7915 wifi card, enhancing functionality. A critical fix was made to the keys subsystem to prevent overwriting key expiration during instantiation, improving security. Support for system suspend/hibernation was enhanced for the Modem Host Interface subsystem with the addition of the mhi_power_down_keep_dev() Application Programming Interfaces, which is beneficial for maintaining device states during power management operations.
  • LLVM 18.1.6: Subpackages that were updated were clang-tools, clang18, libLLVM18, libclang-cpp18, libclang13, llvm18-gold. Fixed issues with generating incorrect thunks for functions with aligned parameters or incorrect return value passing when StructRet was used. -Xclang -target-feature -Xclang +unaligned-scalar-mem for enabling unaligned scalar memory accesses on CPUs without unaligned vector access support were introduced. Build failures when compiling AVX512 code with -march=native on machines without AVX512 were addressed. Crashes in the AArch64 backend related to fcmp instruction operands being true or false at the IR level were fixed and there was a fix to compiler crashes.
  • KDE Frameworks 5.116.0: Breeze Icons received new icons for audio/ogg and audio/x-vorbis+ogg file types, as well as the audio/vnd.wave MIME type, enhancing support for audio file formats. Extra CMake Modules had notable updates including the dropping of attempts to set IMPORTED on targets with installed configurations in ecm_add_qch. KFileMetaData saw a fix with the handling of attribute namespacing and improved metadata accuracy and processing. KService addressed a warning related to the "mimeType x-scheme-handler/file not found" issue.
  • udisks2 2.10.1: This update features updated Ukrainian and German translations, improvements to testing for LVM2 RAID by wiping used devices, settling down before checking properties and rescanning vdevs after tests. Offline and online filesystem grow tests were added, and documentation for the Filesystem.Size property was clarified. A fix was implemented for Python class invocation in nvme tests, and a --no-partition-scan option was added for the loop-setup command in udisksctl. A --no-partition-scan option for the loop-setup command in udisksctl was added.
  • firewalld 2.1.2: The update to 2.1.2 includes several fixes: the policy now allows forwarding ports with the to-addr for egress-zone=HOST, the range check for large rule limits in rich rules has been corrected, and skip detection in the fw-in-container environment has been fixed during testing.
  • snapper 0.11.0: The update introduces asynchronous cleanup of stale btrfs qgroups and reverts some parts to fix the build in the Open Build Service. The cleanup service is now set to run every hour and qgroups are disabled if they do not exist to avoid failure when creating snapshots. Support for quarterly snapshots has been added, and a table-style selection is now based on codeset.
  • GTK3 3.24.42: Printing is improved by avoiding access to freed printers. Wayland fixes include correct monitor sizes, a crash related to tablet removal, inferred resizable edges for tiled windows, and ensuring commits occur soon after acknowledging a configure.
    GTK4 4.14.4: A crash issue when there is no child was resolved and efficiency improvements were made in loading symbolic SVGs and handling color-free symbolics. Accessibility updates include making the gtk-demo sidebar search more accessible and stopping the emission of focus events. GDK introduced support for XDG_ACTIVATION_TOKEN and made defensive improvements for dmabuf. These improvements include handling unknown formats more carefully and using a narrower range for YUV formats.
  • Mozilla Firefox 126.0. The browser brought had a major update and fixed 16 Common Vulnerabilities and Exposures. There was arbitrary JavaScript execution in PDF.js fixed with CVE-2024-4367. A potential permissions request bypass via clickjacking was fixed for CVE-2024-4764. There were memory safety bug fixes addressing CVE-2024-4778 and CVE-2024-4777; the latter helps with those for Firefox ESR 115.11 and Thunderbird 115.11.
    sssd 2.9.5: The update introduces a new configuration option called failover_primary_timeout. This option allows users to configure how often SSSD tries to reconnect to a primary server after successfully connecting to a backup server. Previously, this interval was hardcoded to 31 seconds, which remains the default value.
  • openldap2 2.6.7: The liblber library fixes a missing newline on long messages and libldap addresses exit handling issues with OpenSSL3, TLS usage with multiple LDAP URIs OpenSSL cipher suite handling and handling of Diffie-Hellman parameter files with OpenSSL 3.0. The slapd service now honors the disclose option in matchedDN handling, improves regex testing in ACLs, and fixes sync replication with glued databases.
  • iproute2 6.9: The update introduces several new features and improvements: The m_mirred module now allows mirroring to block and the tc command adds NLM_F_ECHO support for actions and filters. The ip command has been enhanced with coupled_control support for bonding and a new monitor command for IOAM6.
  • xwayland 24.1.0: The feature release addresses several regressions introduced in previous release candidate versions. The eglstreams support has been dropped.
  • AppStream 1.0.3: Key features include enhanced validator checks to ensure description lists aren't translated, improved translation checks for descriptions and the ability to propagate selected custom entries to catalog output via the CLI compose command. Many other features were added.

Key Package Updates

  • tpm2-0-tss 4.1.0: This updated provided a major security fix for CVE-2024-29040. Various bug fixes were implemented, including correcting the length check on FAPI auth callbacks, fixing the deviation from the CEL specification and resolving json syntax errors in FAPI profiles that were previously ignored by json-c. The update also adds support for new features and enables the usage of external keys for Fapi_Encrypt.
  • postgresql16 16.3: A fix was made for CVE-2024-4317, which could allow for an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users.
  • Python 3.x versions had a fix for CVE-2023-6597 A vulnerability was discovered in the CPython. It affected versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, 3.8.18, and earlier. This class would incorrectly follow symlinks during cleanup when there were permission errors. As a result, users with the ability to run privileged programs could potentially change the permissions of files pointed to by symlinks under certain conditions.

Bug Fixes

  • glib2 2.80.2:

    • CVE-2024-34397 - An issue in GNOME GLib allows spoofed D-Bus signals, affecting client behavior
  • qt6-base:

    • CVE-2024-33861 - QStringConverter's invalid pointer callback can modify the stack, risking vulnerabilities in applications using QStringDecoder.
  • libxml2 2.12.7

    • CVE-2024-34459 - Buffer over-read in xmllint --htmlout can cause vulnerabilities in libxml2 before 2.12.7.
  • libarchive 3.7.4:

  • krb5 added some patches to fix memory leaks related to:

  • ovmf

    • CVE-2022-36763 - EDK2 vulnerability in Tcg2MeasureGptTable() allows heap buffer overflow via local network
  • python-Jinja2 3.1.4:

    • CVE-2024-34064 - Jinja's xmlattr filter vulnerability allows non-attribute characters in keys, risking XSS attacks.
  • tpm2-0-tss 4.1.0:

Conclusion

The month of May 2024 had a steady flow of crucial security fixes, important updates, and notable enhancements across various packages for openSUSE Tumbleweed. The updates to the Linux Kernel, LLVM, KDE Frameworks and numerous other components ensure that Tumbleweed systems remain feature-rich and keep rolling. Developers and users alike benefit from the improvements, enhancements and new features.

For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Contributing to openSUSE Tumbleweed

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

More Information about openSUSE:

Official

Fediverse

2
2
submitted 5 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

Contributors developing the Aeon Desktop are happy to announce a major milestone with the launch of Release Candidate 2 (RC2) images. Within the last 24 hour...

3
2

The openSUSE Project has an official space on Hugging Face, which is a popular platform offering a range of open-source Artificial Intelligence models, tools and resources.

The new namespace can be found at huggingface.co/openSUSE.

Hugging Face is known for facilitating developers and researchers in working with advanced AI applications that include natural language processing (NLP) and computer vision.

Having the openSUSE namespace provides community-driven development toward creating, sharing and improving AI models and datasets.

One dataset has already been added. The first dataset is openSUSE Cavil, which is a tool designed for license compliance, identification and legal reviews. By leveraging the rich AI models and datasets available through the Hugging Face platform, openSUSE Cavil can offer a more advanced and accurate detection of license issues and compliance.

To get involved with the openSUSE Project on Hugging Face, individuals can sign up for an account. The registration process is straightforward and requires only basic information.

Once registered, users can explore the openSUSE and view a collection of AI models and datasets created and shared by the community.

Contributors are encouraged to share their AI models and datasets. Hugging Face offers tools and tutorials to assist with uploading and managing these contributions. Community members can work together on improving existing models or developing new ones.

High-quality documentation and tutorials are vital for the success of the project. Community members can contribute by writing guides, creating video tutorials, or translating existing resources to broaden their accessibility.

Users gain access to cutting-edge AI models and a collaborative environment where they can learn and expand their skills. Contributions to the project support the advancement of AI research and development within the open-source ecosystem.

For more information and to participate, visit huggingface.co/openSUSE.

More Information about openSUSE:

Official

Fediverse

4
1

The schedule for openSUSE Conference 2024 is out and it is filled with several talks about open-source ecosystem and includes several breaks for networking opportunities.

Open-source enthusiasts, developers and contributors will meet at the Z-Bau from June 27 to June 29 to share, discuss and showcase the latest advancements in open-source technologies, projects and communities.
The conference will feature a series of talks, workshops, meetups and keynote speakers providing valuable insights into current and future directions of open-source software.

Santiago Zarate, Oliver Kurz, and Livdywan are scheduled to kick off with a session on openQA - Current State and Moving Forward. The talk will highlight the evolution of openQA as a crucial tool for ensuring the stability of openSUSE's systems and expanding its impact beyond openSUSE, Fedora and SUSE.

Marcus Meissner and Johannes Segitz will present The XZ Backdoor - Report from Our Side and provide a retrospective on a significant supply chain attack involving the xz compression library. They will discuss the attack's impact, response measures and future security considerations.

Two keynotes will take place on the first day. SUSE’s CEO Dirk-Peter van Leeuwen will speak about the importance of community and fostering collaborative open-source environments.

Luca Di Maio will provide a keynote session on Developing on Aeon with Distrobox. The presentation will introduce Distrobox and demonstrate how it can be used as a development environment within Atomic and Transactional systems like Aeon.

The second day is scheduled to begin with Alfonso Hernandez's Midori is Much More Than a Web Browser talk. Hernandez will explore the features and benefits of Midori, a lightweight, fast and secure browser, and its role in promoting user privacy and security.

Jsrain will provide a SUSE ALP: State of the Matters talk. The session will cover recent developments, upcoming releases and how the openSUSE project can build on SUSE’s ALP development.

Rick Spencer, General Manager at SUSE, will deliver another keynote. His talk Why openSUSE Matters will share his insights on the significance of openSUSE in the broader open-source ecosystem.

The final day will feature Dan Čermák's The Tragedy of Community Enterprise Linux Distributions. Čermák will discuss the challenges faced by community variants of enterprise Linux distributions and propose potential solutions.

Markus Feilner will present Exchange Your Exchange: grommunio - An Open Source Drop-In and So Much More and highlight grommunio as a comprehensive open-source replacement for Microsoft Exchange, which offers groupware, video conferencing, chat, file sync and more.

A Fedora Hatch Meetup, led by Čermák, will provide an informal space for Fedora contributors and enthusiasts to discuss their experiences and network.

Tobias Görgens’ sdbootutil: Mastering the Art of Boot Management talk will introduce a tool designed to simplify bootloader management on openSUSE to make the process more intuitive and robust.

The openSUSE Conference 2024 is expected to be a great informative event for sharing, collaborating, learning and innovating.

For more information and to register, visit events.opensuse.org.

More Information about openSUSE:

Official

Fediverse

5
1

While focused on the openSUSE Innovator initiative as an openSUSE member and Intel Innovator, it was frustrating for me to see that openVINO did not have support on the openSUSE Linux distribution.

In October 2023, I decided to take the personal initiative to start working on compiling and using OpenVINO from the source code for the openSUSE platform. I humbly contributed and published the first adaptations for our distribution on GitHub.

My motivation for this effort stemmed from the potential of OpenVINO to democratize the use of artificial intelligence for those who do not have the resources to invest in expensive GPUs. This library provides multicore programming and the acceleration registers of Intel processors, as well as the resources of ARM processors, allowing the use of AI on processors from the 6th generation onwards.

With the emergence of technologies such as VPU, NPU, and AMX, it is now possible to run LLMs and generative AI without the need for a dedicated GPU. Therefore, I started working on the RPM packaging for openSUSE. This work would not have been successful without the support and assistance of Ilya Lavrenov from Intel and Atri Bhattacharya on the openSUSE Build Service. They not only shared their knowledge with me but also collaborated to ensure compatibility between Intel and openSUSE's technical policies.

As a result of all this collaborative effort, openSUSE became the first Linux distribution to offer [OpenVINO in its native repository, compiled from the source code. It is a great source of pride to have contributed to this project, which will undoubtedly make a difference in future endeavors. As members of an open-source community, it is our duty to strive to democratize emerging technologies and reduce digital exclusion in society.

For more information, visit here or get it at software.opensuse.org!

Contributing to openSUSE Tumbleweed

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

More Information about openSUSE:

6
1
submitted 7 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

openSUSE maintainers received notification of a supply chain attack against the “xz” compression tool and “liblzma5” library. Background Security Researcher ...

7
1

March has been an exciting month for openSUSE Tumbleweed users as GNOME 46 made its way into the rolling release like KDE’s Plasma 6 did a few weeks ago.

The GNOME users and developers not only get the upgrade in the rolling release but in the Aeon Desktop derivative. The release in the Slowroll distribution will likely see an update between April 2 and April 14.

GNOME’s version 46 codenamed “Kathmandu” pays homage to the contributions from GNOME.Asia 2023 organizers and has significant improvements and new features. A standout feature in GNOME 46 is the new global search functionality within the files app. This feature enables users to search across all configured locations directly and an addition of filters by file type and modification date further refine the tool.

The files app had a major revamp that allows for instant view switching between list and grid modes. It also had some other minor improvements such as enhanced network discovery and starred favorites in grid view, which amplified file management efficiency.

A new remote login option enhances GNOME’s remote desktop capabilities, which allows for improved configuration and user experience from the remote side.

Accessibility has seen significant advancements, especially with the Orca screen reader, which now includes a new sleep mode and system status reports. Additionally, there’s an increase in high contrast mode consistency and new settings for clearer switch toggling.

Other changes include the settings app, which has been reorganized and was updated for easier navigation. The new touchpad settings is noteworthy and includes configurations for secondary clicks that aims to enhance user interaction and convenience.

System updates include refreshed user avatars, improved notifications, and tap-to-click enabled by default. The Software app now features verified badges for Flathub apps, and both the extensions and calendar apps have been redesigned for better usability and aesthetics.

Beyond user-facing features, GNOME 46 introduces deep technical enhancements. These include performance and resource usage optimizations, security enhancements, rendering improvements and experimental support for variable refresh rates to improve video performance under certain conditions.

With its comprehensive updates and new features of GNOME 46, people should either be doing a zypper dup or transactional-update to get the latest.

8
1

Plasma Arrives in openSUSE’s Releases

22. Mar 2024 | Douglas DeMaio | CC-BY-SA-3.0

A lot of excitement was brewing at the announcement of KDE’s Plasma 6 release and now the MegaRelease has arrived in openSUSE Tumbleweed and Kalpa while plans for Slowroll are progressing.

Rolling release users and the developer community get an upgrade that marks a monumental shift for KDE desktop users. The update will make it into a Slowroll release in April as the distributions steady paced version-bumps are expected between April 2 and April 14.

Almost a decade from the release of Plasma 5, the desktop experience for Plasma 6 begins. The transition not only signifies an advancement in aesthetic and functionality, but also underscores openSUSE’s commitment to providing this highly anticipated technology to its users.

Plasma 6 introduces a ton of improvements and features that cater to a diverse array of users; from the tech-savvy enthusiast to the casual user. The update sees major changes under-the-hood as a transition to the latest Qt application framework and migration to the Wayland display server protocol that is set to be the default graphical session. At this time however, It’s important to note that the Wayland session is not yet the default in Tumbleweed; this decision allows users and developers to discern whether encountered issues stem from Plasma 6 itself or the Wayland session. Tumbleweed’s KDE desktop derivative Kalpa plans switching to Wayland by default.

Developments include enhanced security, performance and improved modern hardware support.

Despite these significant changes, users are expected to find the Plasma 6 environment familiar, retaining the classic KDE look and feel while laying the groundwork for future innovations.

The new release boasts features such as an overview and desktop grid effects; It improves the touchpad gestures, and partial High Dynamic Range (HDR) support on Wayland, which, combined with the new ‘Scarlet Tree’ wallpaper, transforms the desktop into a vibrant and dynamic workspace.

Plasma 6 introduces changes aimed at enhancing user experience, including a shift in default settings. Notably, it adopts a single-click action for selecting files and folders and a double-click action for opening them. While the single-click approach streamlines the opening process, it may be less intuitive for users accustomed to other systems and could complicate the selection of multiple items. The double-click, however, is more familiar to those migrating from different systems and provides known usability when selecting items.

While the transition to Plasma 6 promises an array of benefits, a few minor issues have been identified in the snapshot. None were deemed severe enough to delay its release.

These known topics include:

  • GTK theme setting for new Installations: Some users may find the GTK theme is not set correctly. A workaround involves manually setting it in system settings or running “kded5” once.
  • Launcher icon switch for upgrades: Users upgrading their system may notice the launcher icon defaults to the Plasma icon. This can be adjusted manually by changing the icon to “start-here-branding.”
  • Upgrades from Older Systems: A known issue affects users upgrading from Leap versions 15.3 or older related to a package called “libksysguard5-helper.” The recommended solution is to opt for deinstallation of the problematic package.
  • Plasmashell start delay: Users without Bluetooth hardware may experience a delay in Plasmashell start-up if kdeconnect-kde is installed, which can be mitigated by disabling the KDE Connect system tray icon.

As openSUSE continues to evolve with Plasma 6, Tumbleweed, Kalpa and Slowroll remain dedicated to delivering a fresh, stable and updated systems to the global open-source community.

The openSUSE KDE packaging team encourages users to embrace this new phase, explore the rich features of Plasma 6 and provide feedback to help refine future releases. The adventure is just beginning for Plasma 6 and we invite people to engage with the development of open-source software and to “have a lot of fun” on this journey into a new era of desktop computing.

9
2
submitted 7 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

Hi, the next TW snapshot 20240311 contains KDE Plasma 6.0.1, Gear 24.02.0 and Frameworks 6.0.0: https://kde.org/announcements/megarelease/6/ Plasma 5 will be replaced, it is no longer part of the ……

10
1

From Dominique Leuenberger at Tumbleweed - Review of the week 2024/10

  • KDE Frameworks and Plasma 6: Lots of progress since last week. By now we reached the QA phase. Optimistic souls bet on next week (no promises though!)
  • KDE Gear 24.02.0 – Requires KDE Frameworks 6 and will land at the same time

Dear Tumbleweed users and hackers,

We have officially reached ‘spring’ (according to some calendars/regions). We cleaned up the staging projects: we accepted all the good things you submitted that passed staging. Neat, eh? That’s what we do all the time anyway, so it’s not that special. The progress on RPM 4.20 fixes in the spec files has been slowing down a bit, but we’re nearing the end. This morning, there were 235 spec files left in Factory that needed touching – and many submit requests are still pending.

In sum, we have released again 6 snapshots this week (0301…0306), containing these changes:

  • ImageMagick 7.1.1.29
  • Python 3.x fixes for CVE-2023-6597 (TmpDir cleaning)
  • Linux kernel 6.7.7
  • kernel-firmware 20240229
  • openblas 0.3.26
  • Tcl 8.6.14
  • RPM: patches to better support reproducible builds. Factory will test-enable this feature on Monday (March 11)
  • Shadow 4.14.6
  • openjpeg 2.5.2
  • GStreamer 1.24.0: We have heard of some users having issues with their local caches.If you experience issues, try “rm ~/.cache/gstreamer-1.0/registry.x86_64.bin”
  • postfix 3.8.6
  • wireplumber 0.4.90

Staging projects are mainly busy with the same things that take some more time to prepare. Luckily, this does not stop progress at all and we have sufficient capacity to test things in parallel. The current list here is:

  • libvirt 10.1.0
  • Mozilla Firefox 123.0.1
  • Poppler 24.03.0
  • KDE Frameworks and Plasma 6: Lots of progress since last week. By now we reached the QA phase. Optimistic souls bet on next week (no promises though!)
  • KDE Gear 24.02.0 – Requires KDE Frameworks 6 and will land at the same time
  • Systemd 255.3: issues with OBS/build and transactional-update were identified. Once addressed, this should move forward soon too.
  • python 3.9 deprecation: we decided to postpone this a little bit due to the still large fallout from Python 3.12 addition. Removing a Python flavor will require us to rebuild all the Python packages for the new builds to drop the python39 flavor. Too many packages fail to build at this moment.
  • dbus-broker: no progress this week
  • libxml 2.12.x: slow/no progress
  • GCC 14: phase 2: use gcc14 as the default compiler

Cheers, Dominique

11
1
12
1
Leap 15.6 Reaches Beta Phase (news.opensuse.org)

The openSUSE Project is thrilled to announce the Beta release phase of Leap 15.6.

Feel free to download Leap 15.6 Beta images from get.opensuse.org and test it out, or upgrade from your existing Leap 15.5 system by running zypper --releasever=15.6 dup. You might want to get familiar with known issues in Leap 15.6.

Show your support by dropping in today at our Thursday Weekly Meeting at 20:00 UTC and participate in the live Leap 15.6 Beta testing event aka “Bug Day”. The event will be live streamed to the openSUSE channel on youtube.

“Let’s make sure that Leap 15.6 runs well on your hardware, and that we can keep it that way for the next 18 months,” said Lubos Kocman, openSUSE Leap release manager. “We cannot address hardware issues, feature requests and other issues without knowledge of these problems. Our openQA is limited. Testing different hardware and reporting these issues are a big help.”

Built on top of SUSE Linux Enterprise 15 Service Pack 6, the Beta, which has full compatibility with the enterprise Linux release will focus on stability and offer an option for those seeking to migrate to an enterprise distribution.

One core aspect of Leap 15.6 is the Linux Kernel 6.4 version, which will have extensive backport updates and the release is expected to gain fresher software and hardware support.

Along with the updated Kernel version, glibc 2.38, systemd 254 and firmware updates with dracut 059+ version are expected to enhance processing power and faster boot times.

The container stack was refresh as podman 4.8 version provides more support. Nextcloud out of box can be easily run in an optimal way with quadlets. The newest versions of distrobox, docker, python-podman and skopeo are available for container use.

The virtualization stack also gains newer versions with Xen 4.18, KVM 8.1.3, libvirt 1.0 and virt-manager 4.1.

Updates software packages related to telecommunications received updates and Leap 15.6 is expected to have DPDK 22.1 and versions 3 and 4 of Open vSwitch will be available.

The Beta introduces substantial updates across the board, starting with the KDE environment. Qt 5 receives an uplift to 5.15.12+kde147 and has security enhancements from KDE developers beyond the standard release. This update brings a move to KDE Frameworks 5.114.0 and marks a leap from the previous 5.90.0 version. Alongside this, Qt6 moves up to version 6.6.1 and ensures that the latest applications can run smoothly with the new libraries. Python bindings for both PyQt5 and PyQt6 are updated and aligns well with the Python 3.11 stack.

GNOME users will be delighted with the GNOME 45 update, which will enhance the user experience with new features and refinements. The desktop environment continues to evolve, providing a sleeker and more intuitive interface.

Audio handling receives a dual upgrade as PulseAudio is updated to version 17.0 and features improved hardware and Bluetooth support, which includes device battery level reporting. Meanwhile, PipeWire steps up to version 1.0.3 and expands its capabilities with new features and enhances compatibile with Pulseaudio and JACK.

Packages related to security were also updated for the beta phase and OpenSSL 3.1.4 is the new default. Other related libraries that are updated are liboqs 0.8.0, python-pycurl, python-uamqp, python3-python3-saml, python-xmlsec, python3-M2Crypto. firewalld 2.0.1, gnutls 3.8.0 and openvpn 2.6.x. The update of AppArmor 3.1.6 could possibly see an upgrade to version 4.

The project’s release engineering team encourages users to download, test, and provide feedback for the Leap 15.6 Beta. This helps to identify and resolve any issues before the final release, which is slated for mid-June, according to the roadmap.

This release marks another milestone in offering a stable, feature-rich platform for workstations, servers and more. Users and developers are encouraged to join the efforts in refining this release by reporting bugs, contributing to the software and sharing experiences. Community efforts with every test, bug report or feedback provides valuable step toward a successful launch of openSUSE Leap 15.6.

Download the Beta

The Leap 15.6 Beta is available on get.opensuse.org. Pick an image fitting your purpose. Install it on a VM like virtualbox, GNOME Boxes or install it on your own hardware, which we prefer.

13
1
submitted 8 months ago* (last edited 8 months ago) by Archaeopteryx@discuss.tchncs.de to c/openSUSE@kbin.social

Welcome to the monthly update for openSUSE Tumbleweed for February 2024. This month we get one more day in February because of Leap year, but here is what we have for the month. This blog aims to provide readers with an overview of the key changes, improvements and issues addressed in openSUSE Tumbleweed snapshots throughout the month. Should readers desire a more frequent amount of information about openSUSE Tumbleweed snapshots, readers are advised to subscribe to the openSUSE Factory mailing list.

New Features and Enhancements

  • Linux Kernel: February brought updates to the Linux kernel, progressing through versions 6.7.2 to 6.7.6. These updates focus on enhancing memory management, addressing some security vulnerabilities, and introducing support for new hardware models, ensuring improved compatibility and performance across various systems.

    • Fixes for various issues, including null-pointer dereference in powerpc/mm, incorrect node setting for arm64 irq, and build errors in powerpc architecture.
    • Correcting the node assignment for VMAP stack in the arm64 irq module.
    • Fix for a null-pointer dereference in pgtable_cache_add in the powerpc/mm module.
    • Fixes for various issues in filesystems like ext4 and JFS.
    • Ensuring proper handling of NMIs during very early boot in the x86/boot module.
    • New hardware support or models:
    • Colorful X15 AT 23 Laptop
  • KDE Frameworks: Update for version 5.115.0.

    • xtra CMake Modules: The ECMUninstallTarget now ports generated code away from deprecated exec_program, enhancing compatibility and maintainability.
    • KHolidays: Adds St Brigid’s Day.
    • KIO: Once again KDirModel, allows expanding network directories in file picker.
    • prison : Enables exceptions for videoscannerworker.cpp.
  • Mesa: Updates to 23.3.6

    • zink: Addresses flickering artifacts in Selaco, broken colors/dual-source blending on PinePhone Pro, and fixes sparse bo placement.
    • panfrost: Resolves graphical artifacts on T604 (T600), fixes intermittent compiler failures when building valhall tests, and pads compute jobs with zeros on v4.
    • radeonsi: Fixes unsynchronized flips/tearing with KMS DRM rendering on 780M and addresses heavy corruption in Amnesia: The Dark Descent.
    • VK: Various fixes for flaky tests, fullscreen “banding” artifacts in Age of Empires IV, and failures in dEQP-VK pipeline tests.
  • systemd: Updates to version 254.9.

    • vconsole-setup: Resolved issue where vconsole-setup would fail if the only found vc is already used by plymouth.
    • systemd-testsuite: Dependency updated to “qemu” instead of “qemu-kvm”, the latter being obsolete.
    • test/test-shutdown.py: Option added to display test I/Os in a dedicated log file.
    • man pages: Documentation update to include ranges for distributions config files and local config files.
    • libbpf: Version of libbpf dlopened by systemd updated (weak dependency).
  • glibc: Updated from version 2.38 to 2.39,

    • PLT Rewrite: Introduction of a new tunable, glibc.cpu.plt_rewrite, allows for enabling PLT rewrite on x86-64 architectures.
    • Sync with Linux Kernel 6.6: Synchronization with Linux kernel 6.6 shadow stack interface.
    • New Functions: Addition of new functions on Linux, including posix_spawnattr_getcgroup_np, posix_spawnattr_setcgroup_np, pidfd_spawn, pidfd_spawp, and pidfd_getpid.
    • scanf-family functions: Support for the wN format length modifiers for arguments pointing to specific types.
    • Memory Allocation Tunable: Introduction of a new tunable, glibc.mem.decorate_maps, for adding additional information on underlying memory allocated by glibc.
    • ISO C2X: Inclusion of the <stdbit.h> header from ISO C2X.
    • AArch64: Addition of new symbols to libmvec on AArch64.
    • ldconfig Enhancements: ldconfig now skips file names containing specific characters and patterns.
    • Dynamic Linker Improvements: The dynamic linker calls the malloc and free functions in more cases during TLS access if a shared object with dynamic TLS is loaded and unloaded.
  • Cups-Filters: Updates to version 1.28.17

    • Improved Printer Capability Discovery: Enhancements to more reliably discover all printer capabilities from driverless printers, particularly borderless printing. This includes preferring Apple Raster over PWG Raster or PCLM formats.
    • PPD Generator Optimization: The PPD generator now creates only one *cupsFilter2 line for raster, utilizing the most desirable/reliable format, usually Apple Raster.
    • Media Database Handling: Enhancements in handling media-col-database and media-col-ready IPP attributes separately if needed, revealing important functionality like borderless printing.
    • Margin Alternatives Consideration: Consideration of all margin alternatives when generating PPD files for driverless printers, ensuring the discovery of borderless functionality for many printers.
    • Image Printing Enhancements: Images are now printed in their original size with “print-scaling=none”, and deprecated data types for reading TIFF images have been replaced with modern equivalents.
  • openvpn: Updates to version 2.6.9

    • Enhanced Logging: SSL alerts are now logged more prominently, improving visibility into SSL-related issues.
    • Documentation Improvements: Clarifications and additions to documentation, including the documentation of the tls-exit option as a primarily test option.
    • Code Cleanup: Removal of unused function prototypes and redundant code, ensuring cleaner codebase and improved maintainability.
    • Error Handling: Addition of missing error checks and enhancements to error messages for better debugging and troubleshooting.
    • Security Enhancements: Implementation of the --tls-export-cert feature and addition of checks for TLS 1.0 PRF availability, improving security measures.
    • Configuration Clarifications: Clarifications regarding the tls-crypt-v2-verify option and removal of redundant options like --tls-export-cert.
    • Library Compatibility: Support added for newer versions of dependencies like mbedtls 3.x.y, with TLS 1.3 support disabled.

Security Updates

This month’s updates include critical security patches and bug fixes for glibc, GStreamer, Salt, Xen and many other packages.

Bug Fixes

Conclusion

February 2024 for openSUSE Tumbleweed showcases a diverse range of updates and improvements across essential components. There were critical security patches for software like glibc, GStreamer and Salt. The kernel updated from 6.7.2 at the beginning of the month to 6.7.6. There were updates for KDE Frameworks, Mesa, systemd, Cups-Filters and other core components. Other significant upgrades during the month included fwupd 1.9.13, PostgreSQL 16.2, Pulseaudio 17.0, GTK 4.12.5, Python 3.11.8, RPM 4.19.1.1, Mozilla Firefox 122.0.1, PHP 8.2.16, Poppler 24.02.0, Shadow 4.14.5, binutils 2.42, Qemu 8.2.1 and, Python 3.12. Next month should see systemd 255.3 arrive in the rolling release as the package is currently in staging.. The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions. Contributing to openSUSE Tumbleweed

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

14
1

Like many open-source projects, the Uyuni Project has a long tradition of fostering community engagement and open dialogue, which is why those who are interested in configuration management should consider joining the Uyuni Community Hours scheduled for Feb. 24 at 15:00 UTC.

Uyuni Community Hours sessions take place on the last Friday of the month. The sessions offer an invaluable opportunity for both the community and the project’s development team to come together.

During these sessions, participants are presented with the latest developments surrounding Uyuni. This open forum allows the community to ask questions, provide feedback and suggest features or enhancements directly to the development team. This proactive approach helps Uyuni to evolve and align with the needs and expectations of its user base.

The session for this Friday addresses the community’s feedback and needs:

  • Meeting Migration Recap: An overview of recent changes to the meeting platform, enhancing accessibility and participation for the community.
  • What’s New in Uyuni: A detailed exploration of the latest features and improvements in the February 2024 release of Uyuni.
  • Containerized Uyuni: Release Strategy: Insights into the future of Uyuni’s deployment and management within containerized environments.
  • Uyuni Health Check: Running on top of a “supportconfig”: Introduction of a new tool designed to simplify and streamline health checks for Uyuni servers.
  • One Shot Execution of Recurring Actions: A discussion on enhancing task management and execution within the Uyuni framework.
  • Testing, Building, and Publishing the Documentation with GitHub Actions: An innovative approach to maintaining and distributing up-to-date documentation for Uyuni users and developers.

This session is accessible with a detailed agenda and is meant to keep the contributing community well-informed of upcoming topics and discussions. Whether a developer, administrator or an open-source software enthusiast, join the Uyuni Community Hours to offer valuable insights into the project’s progress and future initiatives. ___

15
1
submitted 8 months ago* (last edited 8 months ago) by SFaulken@kbin.social to c/openSUSE@kbin.social

For those of you that haven't played with, or find the online documentation for containerizing your workloads to be a bit intimidating, I wrote a blog post/How To on putting together a container, and setting up the systemd services to manage it. Hope it's helpful to folks.

https://sfalken.tech/posts/2024-02-23-quick-and-dirty-podman/

16
1
submitted 8 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

Explore the fundamentals of RPM packaging in Episode 2 of our openSUSE Community Workshops that starts with a simple 'Hello World' program. Guided by openSUS...

17
1
submitted 8 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

This week, Jonathan Bennett and Dan Lynch talk with Shawn W Dunn about openSUSE Kalpa, the atomic version of openSUSE Tumbleweed, with a KDE twist. What exactly do we mean by an Atomic desktop? Is …

18
2
19
2
submitted 8 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

In this session, we will delve into the basics of utilizing the Open Build Service (OBS) and the osc command-line tool, using a practical example of a versio...

20
2
submitted 8 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

The openSUSE community is pleased to announce that it will have short sessions aimed at encouraging people on how to contribute to the project. A group of vo...

21
2
submitted 9 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

https://etherpad.opensuse.org/p/weeklymeeting20240206
https://etherpad.opensuse.org/p/weeklymeeting20240208

Community meetings happen most Tuesdays (14:30 UTC) and Thursdays (20:00 UTC) at https://meet-test.opensuse.org/meeting (No requirement to turn on your Microphone or Camera, if you just want to observe, or participate via text.)

22
2
The Year of Agama (yast.opensuse.org)
submitted 9 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

Take a look to the Agama roadmap for 2024

23
1

Results from a use case survey gave some insightful information about how people perceive openSUSE Slowroll. Some view it as a replacement for openSUSE Leap,...

24
2
submitted 9 months ago by SFaulken@kbin.social to c/openSUSE@kbin.social

Dear openSUSE members, The openSUSE Board Election is now closed. 199 out of 552 eligible members have cast their vote in this election. The election result is as follows: Simon Lees ……

25
2

The openSUSE release team confirms there will be a successor to Leap 15 and it’s a numerical leap forward. As many eagerly await the arrival of Leap 15.6 thi...

view more: next ›

openSUSE

1 readers
1 users here now

The makers’ choice for sysadmins, developers and desktop users. www.opensuse.org openSUSE (IPA: oʊpənˈsuːzə) is a project that serves to promote the use of free and open-source software. openSUSE is well known for its Linux distributions, mainly Tumbleweed, a tested rolling release, and Leap, a distribution with long-term support.

founded 1 year ago