Our first distro exploration for 2023 was GeckoLinux, a series of spins of openSUSE that makes an easy on-ramp to get into openSUSE with the desktop of your choice. You have the option of going with the static core of openSUSE Leap or the rolling Tumbleweed with these desktops: There is also an option to […]

The XRechnung format is a E-Government standard for electronic invoicing. At some point it will be mandatory for every company dealing with German governmental partners to send the invoices in this XML format.

Many commercial vendors have already caught up and provide ways to generate XRechnung formatted documents with their software. However, to my knowledge, the availability of open source end user software is very limited. Since the standard itself is at least very open and transparently documented, so I think it is worthwhile to also support it with free software on the desktop.

Kraft, the desktop software for invoicing and efficient office work in the small enterprise, supports export of XRechnung documents since a while.

Over the weekend I created a new little project that adds a viewer for XRechnung documents called xrview.

A german city was looking for something to evaluate processes in a Linux- and KDE based productivity work environment.

Technically it is not very sophisticated: It renders the provided XML file using XSL styles officially provided by the Koordinierungsstelle für IT-Standards in a two step process to HTML, which is displayed in a web view. Some values of interest are extracted from the XML and displayed in a detail pane on the left side.

This is just a POC and has to be continued, but the time was good to kickstart this project.

Maybe anybody is interested to create a PR to help to improve digitalization in Germany?

Dear Tumbleweed users and hackers,

This week, we had to hold back two snapshots again after a long time. 0120 and 0121 were tested but considered too risky to send out (issues with transactional-updates and microos-tools detected). So, instead, you only got five snapshots this week (0119, 0122, 0123, 0124, and 0125).

The main changes delivered during this week were:

• Linux kernel 6.1.7 & 6.1.8
• GCC 13.0.1
• Mozilla Firefox 109.0
• IceWM 3.3.0 & 3.3.1
• LLVM 15.0.7
• LibreOffice 7.4.4.2
• libxmlb: the first lib in the repo with hwcaps enabled subpackage: libxmlb2-x86-64-v3, Nothing triggers auto-installation of those packages yet. That is a feature to be worked out yet.
• GNOME now identifies as 43.1 in its control center
• Dracut 059
• Libvirt 9.0.0
• Wine 8.0 final release

The following week is difficult to predict. As you might have heard, Hackweek is going on. Some resources thus deviate and there might be fewer submissions – or more if things go nicely and new stuff appears sooner. In any case, the Staging projects currently hold these items:

• KDE Plasma 5.27 beta (5.26.90)
• GStreamer 1.22.0
• Staging:H still tests ruby 3.2 as the new default (some yast modules failing to build)
• Staging:L holds some packages breaking others stuff taking more time, like boost, gpg2, and ant
• Staging:Gcc7 tests the impact of using GCC 13 as the default compiler

In a previous article I have shown how to handle the D-Bus resources provided in general and in particular by the Konsole and Yakuake D-Bus services, and take advantage of them in a Bash script. This time we will explore more services that provide useful features to embed in our Bash scripts.

The openqa-revtui tool is a neat CLI utility for helping you review openQA jobs and job groups. It is part of the openqa-mon project, which has grown in the last years and now consists on more than the job monitoring tool itself.

This week in openSUSE Tumbleweed there was a change from a 2048 bit RSA to a 4096 bit RSA key and four snapshots were released so far.

The larger bit key was a security recommendation and can be found in /usr/lib/rpm/gnupg/keys. The key can be viewed with rpm -qi and the key name. More info about the topic can be found on the Facotry email thread.

The latest snapshot to arrive was 20230124. This snapshot updated apache2 2.4.55 and took care of a few Common Vulnerability and Exposures. CVE-2022-37436 describes a flaw where a malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them. This could result in some headers being incorporated into the response body and not being interpreted by a client. CVE-2006-20001, which could result in a Denial of Service attack, was fixed. An update of gedit 44.2 fixed a plugin bug and updated translations. The gnome-desktop 43.1 version fixed a thumbnails issue and made the default es-US keyboard more sensible. Meanwhile, glib2 2.74.5 also updated translations and the package dropped a patch that was fixed by upstream. An update of dracut fixed missing entries from version 058 that were added in the 059+suse update; It also adds execute permissions for chore scripts. An update of sudo 1.9.12p2 fixes compilations errors, a potential crash and CVE-2023-22809, which had affected how sudoedit handles user-provided environment variables. The package for atomic updates for Linux operating systems, transactional-update, had some cleanup and small code optimizations in the 4.1.2 version. It also had a fix where previously internal mounts would potentially overwrite user bind mounts. Portuguese and Macedonian languages were updated in yast2-trans. Text editor vim 9.0.1234 and a few other packages were updated in the snapshot.

A few RubyGems and Python Package Index packages were updated in snapshot 20230123. The rubygem-rack updates to 2.2.6.2 and 3.0.4.1 fixes three CVEs all related to regular expression denial of service attacks. An update of python-future, which is a missing compatibility layer between Python 2 and Python 3, updated to version 0.18.3 and added a docker push to optimize continuous integration. The package also dropped a CVE-2022-40899 patch, which could have allowed a remote attack to cause a denial of service via a crafted Set-Cookie. Several other packages were updated in the snapshot including CoreFreq 1.95.1, which is CPU monitoring software designed for 64-bits processors; it adds support for AMD and Intel hardware.

A new major version of Mozilla Firefox arrived in snapshot 20230122. Firefox 109.0! The new version has changes to the WebExtensions Application Programming Interface that is termed Manifest V3 (MV3). The extension support is now enabled by default; it ushers an user interface changes in the form of the new extensions button that looks like a puzzle piece. Linux specific CVE-2023-23598, which was related to a GTK wrapper, was fixed and Spanish users got some changes. The browser builds for es-ES and es-AR locales now come with a built-in dictionary for the Firefox spellchecker. The update of git 2.39.1 took care of a log format and a parsing integer overflow. The update of iptables 1.8.9 supports more chunk types in the Stream Control Transmission Protocol extension; its administration space tool arptables also supports an --exac flag. An update of LibreOffice 7.4.4.2 fixes more than 110 bugs. Bugs like tdf#152495, which crashes Writer when dismissing a guide dialog with the escape button. A fix was also made that deletes paragraph breaks while moving text in ”track changes” mode. Several other packages updated in the snapshot like yast2 4.5.22, xfsprogs 6.1.1, icewm 3.3.0, llvm15 15.0.7 and more.

GNU Compiler Collection 13.0.1 was update in snapshot 20230119 and its added a patch to fix unwinding on AArch64 with pointer signing. The kernel-sourcel 6.1.7 update had less than a handful of Advanced Linux Sound Architecture fixes and Direct Rendering Manager optimizations. Line-oriented text editor ed 1.19 changed the long name of option -s to --script; the option -s now only suppresses byte counts. The adwaita-xfce-icon-theme 0.0.3 package also updated in the snapshot.

The first computer “love” is the Commodore 64 and I get real excited about new developments and uses of modern tech to allow the 40 year old computer to persist. it’s really quite amazing what is now an obscure, old, 8-bit machine has what is arguably a more flourishing existence than it ever has. I […]

This is the fifth part of my syslog-ng tutorial. Last time we had an overview of the syslog-ng configuration and had our first steps working with syslog-ng. Today we learn about syslog-ng source definitions and how to check the syslog-ng version and its enabled features.

You can watch the video on YouTube:

Or you can read the rest the tutorial as a blog at: https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-101-part-5-sources

Originally I was going to make a video of applying a screen protector to the SteamDeck but… why? It’s not like it would be all that interesting and would probably be another turd of a video so just a blathering is just as well. The production time for writing something out is far, far less […]

Collaboration is the heart of the OBS project. Therefore, we have been working on the request page redesign for a while, the page where most of the collaboration happens. This time, we have focused on improving the handling of requests with multiple actions, facilitating the review process by enhancing the code changes and helping out with decision-making, among others. The request redesign is part of the beta program. We started the redesign of the request...