Fri, Nov 24th, 2023
Flatpak, OpenVPN, Bash update in Tumbleweed
Snapshot 20231122 is the latest to arrive for openSUSE’s rolling release users. An update of the super-thin layer on the DBus interface, fwupd, arrived in the snapshot; the 1.9.9 version includes a new generic request feature that identifies the device power cable status to enhance devices’ power management capabilities. The package also incorporates support for specific hardware like the Lenovo X1 Yoga Gen 7 530E. The update of git 2.43.0 had a multitude of enhancements, which includes improvements in handling the
--rfc option within
git format-patch and the package enhances maintenance job schedules, updates handling of authentication data in libsecret keyrings and adds flexibility for aliases in command-line completion scripts. The update of transactional-update 4.5.0 improves handling of permissions when creating overlays in libtukit, introduces support for rollback via the library, implements snapshot delete and rollback methods in tukitd and adding checks for missing arguments in tukit commands like
abort. There was also some code cleanup for the software package. A few more packages updated in the snapshot like xen 4.18.0_04 and package installer python-pip 23.3.1, which resolves issues related to error handling, metadata normalization, and handling of removed versions.
An update of openvpn 2.6.8 arrived in snapshot 20231121. The new version fixes issues such as a SIGSEGV crash caused by an unsuccessful TLS handshake that had memory issues leading to sending freed memory to the peer and fixes hard incompatibilities between client and server versions. The update removes certain obsolete features, adds warnings for specific configuration combinations and introduces improvements to the build systems for Windows platforms. A 17.0.5 update of llvm17 made adjustments for testing clang-tools-extra and liker LLD components while maintaining consistency in test adaptations. The Linux Kernel also updates in the snapshot as kernel-source updates to version 6.6.2 and resolves multiple issues within the Wi-Fi subsystem, including RCU usage warnings and other improvements across the kernel codebase. Several other packages updated in the snapshot including ImageMagick 22.214.171.124, yast2-trans and more.
While not having the most packages of the week, snapshot 20231120 was fairly sizable due to an update of libreoffice 126.96.36.199. The updated office suite version fixes crash occurrences, misalignments in document layout, errors in the PDF export and the incorrect display of tables and text frames in .DOCX files. For more in-depth information can be found in the LibreOffice changelog. The update of gnutls 3.8.2 resolves a timing side-channel vulnerability within the RSA-PSK key exchange that was known as CVE-2023-5981. The utility also introduces Application Programming Interfaces functions enabling Elliptic Curve Diffie-Hellman and Diffie–Hellman key protocol agreement. The update of image editor inkscape 1.3.1 addresses more than 30 crashes and freezes, which particularly impacts PDF import and Live Path Effects. The package provides two new features; the first is the ability to split text into individual letters while the other new feature allows for a disablement of snapping to grid lines. Gradient dithering is now also available. More than half a dozen other packages were updated in the snapshot.
Flatpak 1.15.6 and harfbuzz 8.3.0 both updated in snapshot 20231119. The 8.3.0 version of the text shaping engine enhances the memory barrier to prevent potential segfaults and various fixes related to subsetting and instancing. The option name
hb-subset has been renamed to
--variations for consistency among tools. Flatpak mandates a requirement for bubblewrap version 0.8.0 in distributions that compile Flatpak separately.The package enhances security by setting user namespace limits and improves the handling of environment variables for subsandboxes initiated by flatpak-portal. The gnome-bluetooth 42.7 resolves issues related to the Obex Push server’s automatic acceptance of files from paired devices. The bluez-gnome fork tackles bugs causing inconsistencies between the device’s connection switch appearance and the actual connection state. The update of webkit2gtk3 2.42.2 addresses a Content Security Policy regression that previously impacted Unity WebGL applications. The package also resolves CVE-2023-41983 and CVE-2023-42852, which allowed for the processing of web content that may have led to arbitrary code execution. A few other packages updated in the snapshot.
Snapshot 20231117 has several package update. Bash 5.2.21 includes multiple upstream patches to address various issues like resolving an off-by-one error causing command substitutions to fail within a here-document. The package fixes cases where the shell incorrectly attempted to set the terminal’s process group back to the shell’s and also fixes for problems related to returning tokens during syntax errors. An update of AppStream 0.16.4 introduces new features including the allowance of hyphens in the last segment of a component-ID and the implementation of the developer element for unique developer IDs. The update of bind 9.18.20 addresses issues such as incorrect resigning of unsigned inline-signed zones containing DNSSEC records and Service Location Protocol has been disabled by default for openSUSE Factory and ALP due to bsc#1214884. Other packages to update in the snapshot were gstreamer 1.22.7, libcrypt 1.10.3, libstorage-ng 4.5.157, nodejs21 21.2.0, pipewire 0.3.85, poppler 23.11.0 and several more.
Thu, Nov 23rd, 2023
Selecting the New Face of openSUSE is Underway
This competition marks a pivotal moment for openSUSE and the voting goes until Dec. 10.
Before making any selections, people are encouraged to visit en.opensuse.org/Logocontest and view the logos before voting.
The number of submissions speaks volumes about the community’s enthusiasm and engagement with 18 submissions for Kalpa, 24 submissions for Slowroll, 21 submissions for Leap, 32 submissions for Tumbleweed and an impressive 36 submissions for a potential new openSUSE logo.
The submissions symbolizes the collaborative spirit within open-source communities and showcases the diverse set of ideas and creativity from contributors around the world. Brand image can influence user perception and community engagement in open-source projects, and a big THANK YOU goes out to all the people who submitted a logo design.
While the project had several chameleon-inspired designs, the distribution’s submissions varied in concepts and styles. The intent of the competition was to have the submitted logo designs depict a unified brand for the openSUSE Project.
New openSUSE distribution logos like Leap Micro, Aeon, and MicroOS are designed with simple shapes and lines for uniqueness and interest, which were typically empty outlines. Some submissions did fulfill this design concept. It’s important to note that although Leap Micro, Aeon, and MicroOS are mentioned, new logos for these were not part of competition. However, these can be affected by a generalized theme.
The person doing the branding changes and maintenance has a say in any changes. The ultimate brand decision will rest with members of the project doing the implementation, but the results from this logo competition will provide an expressed opinion of the brand identity project wide.
Winners of the contest will be announced following the vote tally and will be sent a “Geeko Mystery Box” as a token of appreciation for their contributions.
Last month the community announced a logo competition for a new openSUSE logo as well as four openSUSE distributions; Tumbleweed, Leap, Slowroll and Kalpa.
Vote now at survey.opensuse.org.
Upgrade a PostgreSQL container to a new major version
Wed, Nov 22nd, 2023
Submit a Presentation for the openSUSE Conference
The time has arrived for people to begin submitting talks for openSUSE Conference 2024.
This year’s conference theme is: Evaluating the Future: Where Are We Going?
The theme sets the stage for exploring the evolving landscape of technology and open-source innovation. We invite those people submitting a talk for this year’s conference to delve into talks that will inspire thought-provoking discussions, analyses and predictions about the future trajectory of open-source development, emerging technologies, the openSUSE project and more.
Until April 15, people can submit proposals for a talk or workshop to share insights and their expertise.
The conference is scheduled to take place June 27 to 29 in Nuremberg, Germany.
Presentations can be submitted for the following length of time:
- Lightning Talk (10 mins)
- Virtual Lightning Talk (10 mins)
- Short Talk (30 mins)
- Virtual Talk (30 mins)
- Long Talk (45 mins)
- Workshop (1 hour)
The following tracks are listed for the conference:
- Cloud and Containers
- Embedded Systems and Edge Computing
- New Technologies
- Open Source
Speakers are encouraged to submit proposals that align with this year’s theme.
Topics under this theme might include:
- Futuristic Trends: Predictions and insights into upcoming technological trends shaping open-source landscapes.
- Ethical Tech: Discussions on the ethical implications of technological advancements and how open-source communities can navigate them.
- Innovation and Disruption: Exploring how innovation drives disruptions and reshapes industries within the open-source ecosystem.
- Sustainability and Accessibility: Evaluating how open-source technologies contribute to sustainable and accessible solutions for the future.
- Emerging Challenges: Addressing challenges and obstacles that might hinder the progress of open-source development in the coming years.
- Collaborative Futures: Assessing the role of collaboration and community-driven efforts in shaping the future of open-source projects.
Conferences need sponsors to support community driven events to keep events free and open to new contributing members and companies can find sponsorship information on the project’s wiki page.
Tue, Nov 21st, 2023
The Road to openSUSE Board Elections is Open
The elections are structured into three distinct phases, each playing a crucial role in selecting dedicated leaders to steer the project’s future.
Phase 0: Setting the Stage
Phase 0, which started Nov. 15, marks the initiation of the Board Election process. This period serves as the Call for Nominations and Applications for Board candidacy. Individuals interested in running for the openSUSE Board are urged to step forward, mindful of the significant two-year commitment required for the role. Candidates must be openSUSE members, and the Election Committee ensures a fair process by prohibiting committee officials from standing for election to avoid conflicts of interest. This process runs until Nov. 30.
Phase 1: Campaign and Awareness
Following the closure of the announcement process, Phase 1 starts on Dec. 1. This stage sparks the campaign period where candidates showcase their vision, plans, and aspirations for openSUSE. The community becomes the focal point of the campaigners.
Phase 2: Voting Time
Transitioning into Phase 2 on Dec. 15, the community takes center stage in influencing the project’s direction. Ballots open, allowing eligible members to cast their votes via a secure electronic system. Each vote is crucial and shapes the leadership that will guide openSUSE in the upcoming years. There are two seats available for this year’s board.
For any inquiries or clarifications, individuals can reach out to the committee at email@example.com.
By actively participating in the openSUSE Board Elections 2023, every member contributes to the shared vision of a stronger, more resilient open-source community.
The countdown has begun and we look forward to reading the announcements from the new candidates on the openSUSE Project mailing list.
Mon, Nov 20th, 2023
openSUSE.Asia Summit 2024: Call for Host
openSUSE.Asia Summit 2024: Call for Host
The openSUSE.Asia Summit is an annual openSUSE conference in Asia and a great opportunity where contributors and enthusiasts from Asia come together and meet face to face. The event focuses primarily on the openSUSE distribution, its applications for personal and enterprise use, and open source culture.
In 2023, we held an offline openSUSE Asia Summit from October 21-22 at Chongqing University of Posts and Telecommunications.
And we ready to call for hosts to you who are interested in hosting the openSUSE.Asia Summit 2024
Here is the date you need take notes:
- March 4: Deadline of application
- March 31: Announcement of the next host
openSUSE:Asia Summit Tips for Organizers at: https://en.opensuse.org/openSUSE:Asia_Summit_Tips_for_Organizers
Please refer to it before writing your proposal.
How to Submit ?
Please send your proposal by email to both firstname.lastname@example.org and email@example.com. Proposal should contain:
- Venue and capacity (we prefer using campus building, but any alternative can be discuss later)
- How to reach your city and venue
- Budget Estimation
- Conference Venue
- Tea break, Lunch, Dinner, Conference Tour, etc.
- Introduction to your community who will organize the summit
Please help to spread the words and we are looking forward to hearing from you soon!
Further information about openSUSE.Asia Summit is available at: https://en.opensuse.org/Portal:Asia_Summit
Fri, Nov 17th, 2023
openSUSE Tumbleweed – Review of the week 2023/46
Dear Tumbleweed users and hackers,
We are slowly but surely reaching the end of the year 2023 with just six more weeks to go. This week we had some minor glitches on the publishing side: snapshot 1109 had been marked for publishing, but the syncing never happened. As this was just over the weekend, nobody noticed this until Monday, when the next snapshot was already pending in the publisher queue (and also not going out). The issue was then swiftly rectified with the help of the build service team. As a consequence, only the four snapshots 1110, 1113, 1114, and 1115 have been published. The changes from 1109 are not lost: they were still present in the subsequently published snapshots.
The most relevant changes to report during this week are:
- Linux kernel 6.6.1
- KDE Gear 23.08.2
- KDE Frameworks 5.112.0
- Binutils 2.41
- gAWK 5.3.0
- PostgreSQL 16.1
- Mozilla Firefox 119.0.1
- libeconf 0.6.0
In the future – near or far – you can count on those changes to reach you:
- GStreamer 1.22.7
- sudo: optional addon configuration for groups wheel or sudo (asking for current user’s password)
- RPM 4.19
- dbus-broker as the default dbus daemon
Thu, Nov 16th, 2023
Gear, Frameworks, Kernel updates in Tumbleweed
Most snapshots came with several new versions for those who used their command line to
While snapshot 20231114 was as enormous as snapshots starting off the week, there were a significant amount of software updates. The open-source client for Enterprise Identity Management sssd updates to version 2.9.3. This update empowers the proxy provider to handle certificate mapping and matching rules. Users managed by the proxy provider can now be configured for local Smartcard authentication, which improves authentication options. An update of xterm 388 enhances the
disallowPasteControls function by adding a category for special characters known to
stty. The new version also includes the updating of
config.sub. Improved messages in the configure script were made with the ncurses 6.4.20231111 update, and it had a patch that modified the reset command to avoid altering
clocal when the terminal employs a modem. Color management package argyllcms updates to 3.0.2 fixes a typo in a module that affected retail i1D3 functionality and fixes crashes with the device link profiles and an update of libstorage-ng 4.5.156 merges a specific GitHub issue and extends the testsuite. Several RubyGems updated in the snapshot. There was an arm image 20231114 snapshot that updates for packages released from earlier in the week. Linux Kernel 6.6.1 and both KDE Frameworks 5.112.0 and KDE Gear 23.08.3 became available for the arm rolling release’s contributors and users.
Frameworks 5.112.0 was released for other architectures in snapshot 20231113. An update of NetworkManagerQt fixed an incorrect signal signature, removed an inaccurate comment and adjusted event listening to accommodate both DBus service registration events and interface added events. There was a replacement of
fsType in naming conventions for KIO and KConfig made adjustments in
kconfigwatcher to avoid asserting absolute paths and had modifications in
dbussanitizer preventing trailing slashes; the update enhances security measures by preventing attempts to send or receive DBus notifications on absolute paths. The ffmpeg-6 6.0.1 version make improvements to AVCodecs, AVformat, and AVfilters a patch was dropped as it was resolved upstream. Mozilla Firefox 119.0.1 had critical bugs affecting HTML elements’ functionality and resolves issues related to color application. The 23.2 version of python311-packaging had changes to parsing markers and improves support for enriched metadata, documentation updates and addressing vulnerabilities by updating the pip. The 41.0.5 version of python-cryptography focuses on enhancements and adjustments related to its integration with OpenSSL. This update has a new function to support an upcoming release of pyOpenSSL. An update of createrepo_c 1.0.2 made changes that prevent building without zstd and removes the dependency on libmagic. An update of the mail transfer agent (MTA) for email handling, postfix, updated to version 3.8.3. The package update addresses a defect in the Postfix SMTP server related to client certificate verification errors in TLS wrapper mode. The update also resolves syntax errors in the
update_postmaps script and adjusts permissions caused by
config.postfix. Several other packages were updated in the snapshot.
While KDE Gear 23.08.3 was later updated in the 20231114 arm image, it was released in snapshot 20231110. The Ark compression/decompression utility n resolves some file format issues and MIME type handling. It also has fixes related to opening AppImage files, checks using outdated ISO mimetypes, and adjusted hardcoded bzip2 mimetypes in tests for greater flexibility. Dolphin made updates reflecting the relocation of KActivities from Frameworks to Plasma. The modifications contribute to improved functionality and alignment within the file manager. There were an enormous amount of changes with Kdenlive in the Gear update. The update fixes timeremap, ensures proper audio handling during clip replacement, addresses project duration inaccuracies, prevents subtitle styling losses, enhances rendering and improves keyframe handling and clip resizing functionalities. Linux Kernel 6.6.1 arrived in the snapshot also before the arm image snapshot and it had bug fixes for several driver modules and compatibility enhancements for specific hardware devices to include adjustments for serial, USB, Advanced Linux Sound Architecture, Bluetooth, and more. An update of gimp 2.10.36 includes support for ASE (Adobe Swatch Exchange) and ACB (Adobe Color Book) palettes and a new gradient option. This is enhanced support for non-square ratio GIFs and an improved text tool formatting behavior. An update of postgresql16 16.1 adds support for LLVM 16 and 17. It also had some security fixes including handling unknown-type arguments and preventing an integer overflow when computing new array dimensions. Update of binutils 2.41, gawk 5.3.0 and more arrived in the snapshot.
Wed, Nov 15th, 2023
Music of the week: the Cello
I love the melodies of Metallica songs. However, I strongly prefer instrumental music. That’s why I was very happy, when someone brought Apocalyptica to my attention: they played Metallica on four cellos. Over the years I discovered that metal or any other music sounds nice on cellos, as I learned about two more bands: 2cellos and Mozart Heroes.
But I should not rush so far ahead. In the year 2000 someone introduced me to Metallica. I loved the melodies, but I’m not a great fan of singing. A few months later another friend introduced me to Apocalyptica, when learned about my problem. The same wonderful melodies, but purely instrumental music. First I bought their first album: “Apocalyptica plays Metallica by Four Cellos” and soon after also the second one: “Inquisition Symphony”.
The next album I heard from Apocalyptica also featured a singer. That’s not something for me. That’s when I learned from a colleague about 2Cellos, a Croatian cellist duo. They played a wide variety of arrangements, everything from classical, through rock to pop. I quickly listened to all of their albums on TIDAL, and watched some of their videos on YouTube. This is my favorite:
I learned about Mozart Heroes from a friend who’s son plays the cello. It is not purely cello music, as the other member of the band plays the guitar. Still, it was instant love. They also play arrangements, often combining a classical piece with something modern in the very same song. Sometimes the transition from one melody to the other is completely seamless. In the video below they combine Mozart and Metallica in a song:
For almost two decades I did not follow Apocalyptica, as the new music I heard from them was not purely instrumental. As Covid broke out, many concert tours were canceled. Some of these were replaced by free on-line streaming. I do not remember how I learned that Apocalyptica would also be performing an online concert, but as I did not have anything better to do, I watched it. It was pure instrumental, and love at first sight, so I bought the new album as soon as it became available in Hungary. Below I link the whole concert, which I watched live 3.5 years ago.
Nobody is perfect, so there is a little twist in my story. The original reason I fell in love with cello arrangements was that they were all instrumental. There was no singing. A good friend mentioned that Apocalyptica is coming in our part of Europe, but unfortunately playing together with another band, and there is singing. I listened to it, and to my greatest surprise, despite the vocals, it was absolutely beautiful. To me, anyway :-)