The schedule for this year’s openSUSE.Asia Summit is out and features a diverse lineup of talks highlighting advancements in open-source and with the project.

This year’s event takes place in Tokyo, Japan, and is a two-day event running from Nov. 2 to Nov. 3, that includes talks about technologies involving openSUSE, Fedora, Ubuntu, Debian, AlmaLinux, Rocky Linux, and many other open-source projects.

The summit brings together developers, community members and open-source enthusiasts from around the world to Asia for discussions about Linux distribution updates to security and design.

Fuminobu Takeyama will open the event with a welcome address, which will be followed by a keynote from the company providing the venue, SHIFT Inc.. This will be followed by a talk about What is openSUSE? and talks about the future of Leap and an update about the Geeko Foundation. Trustees from the Geeko Foundation will provide an overview of the foundation’s financial and operational progress as well as providing insights about the use of the Travel Support Program, fundraising efforts and more.

A technical keynote about container and virtualization platforms focusing on openSUSE Leap Micro and a talk about language support for LibreOffice based on specific needs of Chinese, Japanese, and Korean (CJK) users will take place toward the beginning of the summit.

A talk related to secure software packaging and and AI/ML edge computing will provide some great content for attendees on the first day of the summit.

The second day is scheduled to have talks covering areas like the future of desktop Linux, free software in healthcare and geographic information systems using open-source technologies.

Find the schedule at events.opensuse.org.

In a blog post last year Simplify GPU Application Development with HMM on Leap we've described how to install CUDA using the NVIDIA open kernel driver built by SUSE. For this, we utilized driver packages from the graphics driver repository for openSUSE Leap hosted by NVIDIA. This happend to work at the time, as at the time the kernel driver version for the graphics driver happened to be the same as the one used by CUDA. This, however, is not usually the case and at present, therefore this method fails.

NVIDIA CUDA Runtime Installation on openSUSE Leap 15.6 Bare Metal

To recap, CUDA will work with the 'legacy' proprietary kernel driver that has existed for a long time as well as the open driver KMP provided with CUDA. There is also a pre-built driver KMP avaiable on openSUSE Leap (starting with version 15.5). The latter provides the additional perks:

• since it is fully pre-build it does not require an additional tool chain to complete the build during installation - which the CUDA provided drivers will install as dependencies.
  This helps to keep an installation foot print small which is desirable for HPC compute nodes or AI clusters.
• It is singed with the same key as the kernel and its components and thus will integrate seamlessly into a secure boot environment without enrolling an additional MOK - which usually requires access to the system console.

The NVIDIA open driver supports all recent GPUs, in fact, it is required for cutting edge platforms such as Grace Hopper or Blackwell, and recommended for all Turing, Ampere, Ada Lovelace, or Hopper architectures. The the proprietary driver is only still required for older GPU architectures.

The versions of the driver stacks for CUDA and for graphics frequently differ. CUDA's higher level libraries will work with any version equal or later to the one these have been released with. This means for instance, that CUDA 12.5 will run with a driver stack version greater or equal to 555.42.06. The components of the lower level stack - ie. those packages with the driver generation in their name (at the time of writing G06) - need to match the kernel driver version.
The component stack for graphics is always tightly version coupled. To accomodate versions difference for CUDA and graphics, openSUSE Leap is now providing two sets of NVIDIA Open Driver KMPs: the version targetting CUDA has the string -cuda prepended before -kmp in the package name. With this, installing CUDA using the open driver becomes quite simple.

CUDA comes with a number of meta-packages which provide an easy way to install certain aspects while still obeying required dependencies. A more detailed list of these meta packages and their purposes will follow in a future blog. To run applications built with CUDA the only components required are the runtime. If we plan to set up a minimal system - such as an HPC compute node - these are the only components to be installed. They consist of the low level driver stack as well as the CUDA libraries. In a containerized system, the libraries would reside inside the application container.

To install the runtime stack for CUDA 12.9, we would simply run:

# zypper ar https://developer.download.nvidia.com/compute/cuda/repos/opensuse15/x86_64/cuda-opensuse15.repo
# zypper --gpg-auto-import-keys refresh
# zypper -n in -y nv-prefer-signed-open-driver
# version=$(rpm -qa --queryformat '%{VERSION}\n' nv-prefer-signed-open-driver | cut -d "_" -f1 | sort -u | tail -n 1)
# zypper -n in -y --auto-agree-with-licenses \
    nvidia-compute-utils-G06 = ${version} cuda-libraries-12-9

The command above will install the SUSE-built and signed driver. Further changes to the module configuration as described in the previous blog are no longer required.

Now we can either reboot or run

# modprobe nvidia

to make sure, the driver is loaded. Once it's loaded, we ought to check if the installation has been successful by running:

nvidia-smi -q

If the driver has loaded successfully, we should see information about the GPU, the driver and CUDA version installed:

==============NVSMI LOG==============

Timestamp                                 : Mon Aug 12 09:31:57 2024
Driver Version                            : 555.42.06
CUDA Version                              : 12.5

Attached GPUs                             : 1
GPU 00000000:81:00.0
    Product Name                          : NVIDIA L4
    Product Brand                         : NVIDIA
    Product Architecture                  : Ada Lovelace
    Display Mode                          : Enabled
    Display Active                        : Disabled
    Persistence Mode                      : Disabled
    Addressing Mode                       : HMM
...

NVIDIA CUDA Runtime Installation for containerized Workloads

Containerized workloads using CUDA have their highlevel CUDA runtime libraries installed inside the container. The low level libraries are made available when the container is run. This allows running containerized workloads relatively independent of the version of the driver stack as long as the CUDA version is not newer than the version of driver stack used. Depending on what container environment we plan to use, there are different ways to achieve this. We've learned in a previous blog, how to do this using the NVIDIA GPU Operator and a driver container. This does not require to install any NVIDIA components on the container host. The kernel drivers will be loaded from within the driver container, they do not need to be installed on the container host. However, there are other container systems and different ways to install CUDA for K8s.

Set up Container Host for podman

For podman, we require a different approach. For this, kernel driver as well as the nvidia-container-toolkit need to be installed on the container host. We need to use the container toolkit to configure podman to set up the GPU device files and the low level driver stack (libraries and tools) inside a container.

# zypper ar https://developer.download.nvidia.com/compute/cuda/repos/opensuse15/x86_64/cuda-opensuse15.repo
# zypper --gpg-auto-import-keys refresh
# zypper -n in -y nv-prefer-signed-open-driver
# version=$(rpm -qa --queryformat '%{VERSION}\n' nv-prefer-signed-open-driver | cut -d "_" -f1 | sort -u | tail -n 1)
# zypper -n in -y --auto-agree-with-licenses \
    nvidia-compute-utils-G06 = ${version} \
    nvidia-container-toolkit

Now, we can configure podman for the devices found in our system:

# nvidia-ctk cdi generate --output=/etc/cdi/nvidia.yaml

This command should show INFO as well as some WARN messages but should not return any lines marked ERROR. To run containers which use NVIDIA GPUs, we need to specify the device using the argument: --device nvidia.com/gpu=<device>. Here, <device> may be on individual GPU or - on GPUs that support Multi-Instance GPU (MIG) - an individual MIG device: ie GPU_ID or GPU_ID:MIG_ID) or all. We are also able to specify multiple devices:

$ podman run --device nvidia.com/gpu=0 \
    --device nvidia.com/gpu=1:0 \
	...

This uses GPU 0 and MIG device 1 on GPU 1.
We may find the available devices by running:

$ nvidia-ctk cdi list

Set up Container Host for K8s (RKE2)

There are different ways to set up the K8s to let containers use NVIDIA devices. One has been described in a separate blog), however the driver stack can also be installed on the container host itself while still using the GPU Operator. The disadvantage of this approach is that the driver stack needs to be installed on each container host.

# zypper ar https://developer.download.nvidia.com/compute/cuda/repos/opensuse15/x86_64/cuda-opensuse15.repo
# zypper --gpg-auto-import-keys refresh
# zypper -n in -y nv-prefer-signed-open-driver
# version=$(rpm -qa --queryformat '%{VERSION}\n' nv-prefer-signed-open-driver | cut -d "_" -f1 | sort -u | tail -n 1)
# zypper -n in -y --auto-agree-with-licenses \
    nvidia-compute-utils-G06 = ${version}

We need to perform above steps on each node (ie, server, agents) which have an NVIDIA GPU installed. How to continue depends whether we perfer to use the NVIDIA GPU Operator (without a driver container) or just use the NVIDIA Device Plugin container.

with the NVIDIA GPU Operator

Once the previous steps have been completed, we can start the GPU Operator:

OPERATOR_VERSION="v24.6.1"
DRIVER_VERSION="555.42.06"
helm repo add nvidia https://helm.ngc.nvidia.com/nvidia
helm repo update
helm install \
  -n gpu-operator --generate-name \
  --wait \
  --create-namespace \
  --version=${OPERATOR_VERSION} \
  nvidia/gpu-operator \
  --set driver.enabled=false \
  --set driver.version=${DRIVER_VERSION} \
  --set operator.defaultRuntime=containerd \
  --set toolkit.env[0].name=CONTAINERD_CONFIG \
  --set toolkit.env[0].value=/var/lib/rancher/rke2/agent/etc/containerd/config.toml \
  --set toolkit.env[1].name=CONTAINERD_SOCKET \
  --set toolkit.env[1].value=/run/k3s/containerd/containerd.sock \
  --set toolkit.env[2].name=CONTAINERD_RUNTIME_CLASS \
  --set toolkit.env[2].value=nvidia \
  --set toolkit.env[3].name=CONTAINERD_SET_AS_DEFAULT \
  --set-string toolkit.env[3].value=true

We need to set OPERATOR_VERSION to the GPU Operator version we whish like to use and DRIVER_VERSION to the driver version we are running. Now, we are able to see the pods starting:

kubectl get pods -n gpu-operator

The final state should either be Running or Completed. Now, we should check the logs of the nvidia-operator-validator whether the driver has been set up successfully

# kubectl logs -n gpu-operator -l app=nvidia-operator-validator

and the nvidia-cuda-validator if CUDA workloads can be run successfully.

# kubectl logs -n gpu-operator -l app=nvidia-cuda-validator

Both commands should return that the validations have been successful.

without the NVIDIA GPU Operator

Alternatively, we can set up NVIDIA support without the help of the GPU Operator. For this, we will need to create a configuration - much like for podman - and use the NVIDIA Device Plugin. If not done already, we need to install the nvidia-container-toolkit package, for this:

# zypper -n in -y nvidia-container-toolkit

and restart RKE2:

# systemctl restart rke2-server

on the K8s server or

# systemctl restart rke2-agent

on each agent with NVIDIA hardware installed. This will make sure, the container runtime is configure appropriately.

Once the server is again up and running, we should find this entry in /var/lib/rancher/rke2/agent/etc/containerd/config.toml:

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes."nvidia"]
  runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes."nvidia".options]
  BinaryName = "/usr/bin/nvidia-container-runtime"
  SystemdCgroup = true

Which is required to use the correct runtime for workloads requiring NVIDA harware. Next, we need to configure the NVIDIA RuntimeClass as an additional K8s runtime so that any user whose pods need access to the GPU can request them by using the runtime class nvidia:

# kubectl apply -f - <<EOF
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: nvidia
handler: nvidia
EOF

Since Device Plugin version 0.15 we need to set a hardware feature label telling the DaemonSet that there is a GPU on the node. This is normally set by the Node or GPU Feature Discovery daemons both deployed as part of the GPU Operator chart. Since we don't use this, we will have to set this manually for each node with a GPU:

kubectl label nodes <node_list> nvidia.com/gpu.present="true"

and install the NVIDIA Device Plugin:

# helm repo add nvdp https://nvidia.github.io/k8s-device-plugin
# helm repo update
# helm upgrade -i nvdp nvdp/nvidia-device-plugin \
  --namespace nvidia-device-plugin --create-namespace \
  --set runtimeClassName=nvidia

The pod should start up, complete the detection and tag the nodes with the number of GPUs available. To verify, we run:

# kubectl get pods -n nvidia-device-plugin
NAME                              READY   STATUS    RESTARTS   AGE
nvdp-nvidia-device-plugin-tjfcg   1/1     Running   0          7m23s
# kubectl get node `cat /etc/HOSTNAME` -o json | jq .status.capacity
{
  "cpu": "32",
  "ephemeral-storage": "32647900Ki",
  "hugepages-1Gi": "0",
  "hugepages-2Mi": "0",
  "memory": "65295804Ki",
  "nvidia.com/gpu": "1",
  "pods": "110"
}

Acknowledgements

Many ideas in this post were taken from the documentation NVIDIA GPUs in SLE Micro.

Further Documentation

NVIDIA CUDA Installation Guide for Linux

Installing the NVIDIA Container Toolkit

Support for Container Device Interface

NVIDIA GPU Operator

Installing the NVIDIA GPU Operator

K8s NVIDIA Device Plugin

NVIDIA GPU feature discovery

After a kernel upgrade on my Framework 13, I encountered recurring issues with non-responsive media keys. Initially resolved by rebooting, the problem persisted despite multiple attempts. I discovered a potential fix involving a config file and restarting the embedded controller. Framework's extensive support helped me troubleshoot this frustrating issue.

Kraft (Github) is the desktop app making it easy to create offers and invoices quickly and beautifully in small companies. It is targetted to the free desktop and runs on Linux.

This is the release announcement of the new Kraft version 1.2.2. This is a small service release that fixes a few bugs and CI issues.

Right after this release, the branch with significant changes for Kraft 2.0 will be merged to master. These changes will make Kraft ready for sharing documents across private file clouds and with that enable use cases for distributed use via internet, along with other significant feature updates.

Details about the next big release with version number 2.0 can be read on the Github Discussion page.

Any feedback and contribution is highly appreciated.

El conocido cliente de correo Thunderbird, pronto estará disponible para dispositivos Android y tu puedes ayudar a probar la versión Beta hoy mismo

La versión Beta de Thunderbird para Android ya está disponible y tu puedes ayudar a pulir los posibles problemas encontrados. Las pruebas beta ayudan a encontrar errores críticos y aspectos que queden por corregir que podemos pulir en las próximas semanas.

¡Cuantas más personas prueben la versión beta y se aseguren de que todo lo que figura en la lista de verificación de pruebas funciona correctamente, mejor!

Este artículo es una traducción/adaptación del artículo original en inglés escrito por Monica Ayhens-Madon en la página oficial del proyecto Thunderbird, que puedes leer aquí:

• https://blog.thunderbird.net/2024/09/help-us-test-the-thunderbird-for-android-beta/

Se parte de Thunderbird participando en las pruebas

¡Cualquiera puede ser probar la versión beta! Tanto si ya tienes eperiencia o nunca antes has probado una imagen beta, la comunidad de Thunderbird quiere ponértelo fácil ya que su objetivo es hacer que las pruebas sean rápidas, eficientes y, con suerte, divertidas.

El plan de lanzamiento es el siguiente y ojalá se cumpla y no haya eventos graves que lo obstaculicen:

• 30 de septiembre: primera beta de Thunderbird para Android
• Tercera semana de octubre – primer versión candidata final de lanzamiento
• Cuarta semana de octubre: lanzamiento de Thunderbird para Android

Descarga la imagen Beta

Aquí tienes un par de opciones donde descargarte la versión Beta y empezar tus pruebas:

• Descarga Thunderbird Beta en Google Play Store
• Descarga la última versión preliminar desde nuestra página de lanzamientos de Github

Todavía están trabajando en la preparación de las versiones para F-Droid.

Cosas que probar en la versión Beta

Una vez que hayas descargado la versión beta de Thunderbird para Android, los puntos que habría que comprobar son los siguientes:

• Configuración automática (el usuario solo proporciona la dirección de correo electrónico y tal vez la contraseña)
• Configuración manual (el usuario proporciona la configuración del servidor)
• Leer mensajes
• Obtener mensajes
• Cambiar entre cuentas
• Mover correo electrónico a la carpeta
• Notificar por mensaje nuevo
• Editar borradores
• Escribir un mensaje
• Enviar un mensaje
• Acciones de correo electrónico: responder, reenviar
• Eliminar un correo electrónico
• NO experimentar pérdida de datos en estas acciones

Prueba el cambio de K-9 a Thunderbird para Android

Si ya estás usando K-9 Mail, puedes ayudar a probar una característica importante: transferir tus datos de K-9 Mail a Thunderbird para Android. Para hacer esto, deberás asegurarte de haber actualizado a la última versión beta de K-9 Mail.

Este proceso de transferencia es un paso clave para facilitar que los usuarios de K-9 Mail pasen a Thunderbird. Probar esto ayudará a garantizar una experiencia fluida y confiable para las futuras personas que realicen el cambio.

Las versiones posteriores incluirán además una forma de transferir la información desde Thunderbird Desktop a Thunderbird para Android.

Lo que no se está probando ahora

Sabemos que es tentador comentar todo lo que uno encuentre en la versión beta. Pero por ahora hay que ceñirse en los errores críticos, la lista de verificación anterior y los problemas que podrían impedir que los usuarios interactúen de manera efectiva con la aplicación, para que se pueda publicar una excelente versión final.

Dónde reportar lo encontrado

Puedes compartir tus comentarios en la lista de correo beta de Thunderbird para Android y también ver los comentarios de otras personas. Es fácil registrarse y compartir qué funcionó y, lo que es más importante, qué no funcionó de las tareas anteriores en tus pruebas.

Para los informes de errores, lo ideal es proporcionar tantos detalles como sea posible, incluidos los pasos para reproducir el problema, el modelo de tu dispositivo y la versión del sistema operativo, y cualquier captura de pantalla o mensaje de error que creas que puede ser relevante.

¿Quieres chatear con otros miembros de la comunidad, incluidos otros evaluadores y contribuyentes que trabajan en Thunderbird para Android? ¡Puedes unirte en Matrix!

¿Tiene ideas que te gustaría ver en futuras versiones de Thunderbird para Android? Mozilla Connect, es su sitio oficial para enviar y votar ideas.

Recently I was at EuroBSDCon, where several participants recognized that I am a POWER guy. And they were right, I have been an IBM POWER Champion focusing on open source software on POWER for the past three years.

I got the usual question from people: is there anyone working on an affordable and open source friendly POWER machine? My answer was a definite yes, but also had to admit that I do not know the actual status for any of the projects. I looked around again and did not find any updates for this year. Still, I collected some pointers, as these might be interesting also outside of the BSD community.

• The OpenPOWER foundation has a PowerPI special interest group, which plans to create a small and affordable POWER computer. https://openpowerfoundation.org/
• Raptor Computing announced on Twitter that they are working on new POWER machines, Talos III and Blackbird II: https://x.com/RaptorCompSys/status/1715147706061168822

It is almost the end of the year, so I am not sure if we will see any actual hardware this year, but I hope that we will have at least a couple of announcements before the end of the year.

By the way: if you want an open source friendly POWER machine now Raptor Computing is the place to go. Even if POWER 9 energy efficiency is not the best by today’s standards, they provide fully owner controlled computing using OpenPOWER, which is something completely unique in the world of computers.

Hace ya casi tres años que presenté eXeLearning, un editor de recursos educativos e interactivos de código abierto que te permite llevar tu actividades a otro nivel a la vez que compartirlos sin ningún tipo de restricción en multitud de formatos. Lo cierto es que me interesa mucho esta aplicación y he empezado a aprender mucho sobre ella, y es mi deber pagarlo mediante promoción. Hoy os traigo cómo crear un vídeo interactivo (Videoquext) con eXeLearning, un vídeo de Cedec_Intef .

Cómo crear un vídeo interactivo (Videoquext) con eXeLearning – Vídeo

Seguimos con eXeLearning, y en esta ocasión con un vídeo de Cedec_Intef, que no es más que el Centro Nacional de Desarrollo Curricular en Sistemas no Propietarios (Cedec), un organismo público español que promueve la transformación digital y metodológica de las aulas que pone a disposición de los docentes recursos educativos abiertos (REA) del Proyecto EDIA, elaborados por docentes en activo con la herramienta de software libre eXeLearning.

Pues bien, en el vídeo que os presento hoy se explica en varios pasos cómo crear un vídeo interactivo (Videoquext) con eXeLearning, es decir, un juego de preguntas rápidas con varias respuestas sobre un vídeo.

¿Qué es eXeLearning?

Para los que no lo conozcan, eXeLearning es un editor de recursos educativos e interactivos de código abierto se caracteriza por:

• Permite crear contenidos educativos de una manera sencilla
• Descarga fácil y gratuita desde su web.
• Está disponible para todos los sistemas operativos.
• Nos pemite catalogar los contenidos y publicarlos en diferentes formatos:
  • Sitio web navegable y adaptable a diferentes dispositivos (responsive design).
  • Estándar educativo, para trabajar con Moodle y otros LMS.
  • Página HTML única para imprimir cómodamente tu trabajo.
  • ePub3 (libro electrónico), etc.
• Ofrece diferentes diseños a elegir desde el menú, además de la posibilidad de crear diseños propios.

Con eXelearnig se puede crear todo tipo de actividades entre las que destaco rellenar huecos, pregunta de elección múltiple, pregunta de selección múltiple, pregunta verdadero-falso, cuestionario SCORM o actividad desplegable.

Además, y este es uno de los principales usos que hago de esta aplicación, nos permite crear rúbricas de forma sencilla, así como incluir recursos realizados con otras aplicaciones. Por ejemplo, Jclic, Descartes, Scratch, Geogebra, Physlets…

La entrada Cómo crear un vídeo interactivo (Videoquext) con eXeLearning – Vídeo se publicó primero en KDE Blog.

A baixo as principais novidades da versão 2024.4.0 da tecnologia openVINO.
Mais cobertura para Gen AI e integrações de frameworks para minimizar alterações de código

• Suporte para os modelos GLM-4-9B Chat, MiniCPM-1B, Llama 3 e 3.1, Phi-3-Mini, Phi-3-Medium e YOLOX-s.
• Notebooks de destaque adicionados: Florence-2, Extração de Estrutura NuExtract-tiny, Geração de Imagens Flux.1, PixArt-α: Síntese de Texto para Imagem Fotorrealista, e Phi-3-Vision Assistente Visual de Linguagem.

Maior suporte para modelos LLM e mais técnicas de compressão de modelos

• OpenVINO Runtime otimizado para as matrizes sistólicas Intel® Xe Matrix Extensions (Intel® XMX) em GPUs integradas, proporcionando uma multiplicação de matrizes eficiente, resultando em um aumento significativo de desempenho em LLM com melhorias na latência do 1º e 2º tokens, além de uma menor utilização de memória nos processadores Intel® Core Ultra (Série 2).
• Compartilhamento de memória habilitado para NPUs em processadores Intel® Core Ultra (Série 2) para integração de pipelines eficiente, sem sobrecarga de cópia de memória.
• Adição do recurso PagedAttention para GPUs discretas, permitindo um aumento significativo no throughput para inferência paralela ao servir LLMs nas placas gráficas Intel® Arc ou Intel® Data Center GPU Flex Series.

Mais portabilidade e desempenho para executar IA na borda, na nuvem ou localmente

• Suporte para processadores Intel® Core Ultra Série 2 no Windows.
• O OpenVINO Model Server agora vem com suporte em nível de produção para API compatível com OpenAI, o que possibilita uma taxa de transferência significativamente maior para inferência paralela em processadores Intel® Xeon® ao servir LLMs para muitos usuários simultâneos.
• Desempenho e consumo de memória aprimorados com cache de prefixo, compressão de cache KV e outras otimizações para servir LLMs usando o OpenVINO Model Server.
• Suporte para Python 3.12.
• Suporte para Red Hat* Enterprise Linux* (RHEL) versões 9.3 – 9.4.

Baixar a versão 2024.4
Baixe agora a última versão.

No es ninguna novedad. Nos están robando Internet y debemos hacer algo al respecto. Lo que solía ser un espacio de hacking colaborativo y divertido ahora está gobernado por corporaciones y multimillonarios narcisistas.

Este artículo es una traducción/adaptación de un artículo en inglés escrito por Luis Falcón (creador de GNU Health) y publicado en su web, que puedes leer en este enlace:

• https://my.gnusolidario.org/2024/09/26/time-to-take-back-the-internet/

He querido (con el permiso de su autor) traducir el artículo y publicarlo en mi blog para difundir un mensaje que me parece muy acertado y necesario en el internet que estamos viviendo hoy en día.

Es una crítica a un modelo digital y social, en el que hemos cedido un terreno en la red a un puñado de grandes corporaciones que a día de hoy acaparan todo el pastel. Nos ponemos en sus manos y hemos cedido en derechos digitales, tanto a nivel de software como de hardware.

Espero que disfrutéis de la lectura y sirva de tema de debate sobre los retos a los que estamos enfrentados en nuestra «civilización digital». Tienes la sección de comentarios de blog, para que, con educación compartas, tu punto de vista. Empezamos…

Las redes sociales privativas centralizadas se han convertido en un espacio para el odio, la discriminación y la propaganda. Los mensajes que ves son los que ellos (las personas o persona que es la propietaria de esa red social) quieren que veas. Tus datos ya no son tuyos. Se han convertido en una enorme máquina de control del pensamiento. Lees lo que ellos quieren que leas y, al final, terminarás escribiendo y haciendo lo que ellos quieren que escribas y hagas. Es cuestión de tiempo y dinero, y tienen ambos.

Estas redes sociales impulsadas por grandes corporaciones son engañosas. Nos hacen caer en suposiciones falsas, en una realidad distorsionada. Este engaño afecta tanto a individuos como a organizaciones. Por ejemplo, en GNU Solidario y GNU Health luchamos por la Medicina Social y por los derechos de los animales humanos y no humanos.

Cuando queremos compartir un evento, hacer una campaña de recaudación de fondos o denunciar violaciones de derechos humanos o animales queremos que el mensaje llegue al mayor número de personas posible. Podríamos pensar, ¿por qué no compartirlo con nuestros seguidores en Twitter/X?

La experiencia dice que las redes sociales corporativas realmente no han marcado una diferencia en los resultados. Promocionarán o “prohibirán en la sombra” el mensaje dependiendo de quién lo escribió. Se pueden adivinar los resultados para aquellas personas que luchan contra el capitalismo neoliberal.

La presión social existe y no es fácil superarla. Muchas personas temen que abandonar las redes sociales centralizadas y privativas que han estado utilizando durante años resulte en la pérdida del estatus y los contactos que han construido a lo largo de los años. Una vez más, no es gran cosa. Y tenemos una gran noticia: ¡existen alternativas descentralizadas e impulsadas por la comunidad!

Algunas de esas alternativas son Mastodon, Friendica o Diaspora. No sólo las redes sociales, hoy existe una alternativa de software libre a prácticamente cualquier solución privativa (buscadores, programas científicos, multimedia, paquetes ofimáticos, bases de datos, juegos…)

Existe una correlación entre software libre, libertad y privacidad. Cuanto más software libre, más libertad y privacidad disfrutarás. También se aplica lo contrario: el software privativo es inversamente proporcional a nuestra libertad, tanto a nivel individual como colectiva. No hay transparencia, ni privacidad, ni control, ni derechos en aplicaciones, redes o nubes privativas.

En las últimas décadas, los gigantes tecnológicos han estado ocupados en una campaña para desmantelar la filosofía y la comunidad del software libre. El eufemismo de “código abierto” es uno de ellos. Richard Stallman (creador del proyecto GNU y de la Free Software Foundation) nos viene advirtiendo sobre los peligros del “Open Source”.

Las sociedades libres se construyen con software libre, no con código abierto. Sé que algunos miembros de la comunidad del software libre utilizan ambos términos indistintamente, pero estoy convencido de que utilizar los términos de “software libre” no sólo proporciona software, sino también libertad a nuestra sociedad.

Internet ya no es divertido ni empático. Se ha convertido en un entorno hostil y tóxico, el medio para corporaciones y élites que aumentan la concentración de poder, el gradiente social y crean sociedades muy injustas. Utilizan nuestros datos para controlar a individuos y gobiernos. Ciertamente no queremos ser parte de eso.

Es nuestro deber moral recuperar el espíritu de solidaridad que Stallman entregó a finales de los 80 y que hizo posible el movimiento GNU, los mejores sistemas operativos, lenguajes de programación, servidores web y motores de bases de datos para todos. El proyecto GNU fue la inspiración para proyectos como GNU Health, que ayuda a millones de personas en todo el mundo, brindando libertad y equidad en la atención médica.

Al final, depende de nosotros adoptar redes sociales federadas e impulsadas por la comunidad y aplicaciones de software libre. Millones de individuos, activistas, proyectos de software libre, ONG e incluso la Unión Europea ya se han unido a Fediverse y Mastodon. Sólo hace falta un empujón inicial para romper la presión social y liberarnos a nosotros mismos y a nuestras sociedades.

Citando a las personas de GNUnet: “Rompiste Internet… construiremos uno GNUevo”.

Welcome to the monthly update for Tumbleweed for September 2024! This month, the rolling-release model has kept pace with numerous important updates and bug fixes. PostgreSQL received a major update moving to 17 and text shaping engine harfbuzz had a major update to version 10. Packages like systemd, git, bash and qemu were also updated this month in the rolling release. Various packages saw CVE fixes and desktop components for GNOME and KDE were also updated. As always, remember to roll back using snapper if any issues arise.

Happy updating and tumble on!

Should readers desire more frequent information about snapshot updates, they are encouraged to subscribe to the openSUSE Factory mailing list.

New Features and Enhancements

• Linux Kernel 6.11.0: The latest update brings reversion of the PCI ACS configurability extension to address an issue bsc#1229019. Key updates in the release include a fix to the block subsystem, resolving how the scheduler is handled in elv_iosched_local_module. A correction was made in the AMD GPU display driver to address a mistake from a previous revert related to bsc#1228093. Updates also include refreshed ALSA patches to enhance power management blacklist options. The improvements are expected to provide greater stability and performance for various hardware configurations.
• postgresql17: This major release provides key improvements like a revamped memory management system for vacuum, boosting efficiency by reducing memory usage by up to 20x along with optimized processing for high concurrency workloads. Version 17 also enhances query execution with faster processing using B-tree indexes and parallel BRIN index builds. Developers benefit from the addition of the SQL/JSON JSON_TABLE command and expanded MERGE capabilities, as well as a 2x speed improvement in data exports with the COPY command. Logical replication now simplifies major version upgrades by eliminating the need to drop replication slots, improving ease of use in high availability setups. The software package further enhances database security and operational management, with new TLS options, incremental backups, and detailed monitoring tools.
• harfbuzz 10.0.1: Significant fixes were made for the text shaping engine including support for Unicode 16.0.0. The version has a new Application Programming Interfaces that allows clients to customize glyphs when a Unicode Variation Selector isn’t supported by the font, as well as a callback for getting table tags from hb_face_t. Updates also address pair positioning lookup subtable application for compatibility and ensure subsetting fails if no glyphs are present to prevent silent errors.
• GNOME 46.5: gnome-shell now addresses issues with smartcard logins, fixes glitches when quick settings menu animations are interrupted, and resolves problems with new Wi-Fi connections for restricted users. It also ensures required animations remain enabled, fixes display of pending PAM messages on the login screen and plugs memory leaks. Un update of the gnome-software has a reduction in power usage when the main window is closed, along with translation updates..
• KDE Plasma 6.1.5: In Discover, snapType mapping is corrected, and Flatpak now properly reports extensions without errors. KWin addresses several crash scenarios, such as null dereference and input event handling from removed devices. Plasma Desktop includes fixes for keyboard navigation in Kickoff, task list alignment in RTL mode and it has proper handling of background icons and test windows. Plasma Workspace enhances touchscreen interaction, system tray tooltips and clipboard functionality. Additional fixes included targeted crashes in hotplugging and svg rendering, while SDDM KCM improves state management.
• Frameworks 6.6.0: Attica adds CI jobs for Alpine/musl, while Baloo sets up crash handling for baloo_file. New icons are introduced in Breeze. KCoreAddons improves dbus error handling and licensing, and KDeclarative adjusts rendering for better DPI positioning. KIO resolves issues with restoring trash entries and enhances service menu handling. KTextEditor receives performance optimizations and additional C++ porting for sorting and unique functionalities. Kirigami continues to improve icon handling and toolbars, while KNewStuff and KWalletf ocus on making shared actions more reliable and enhancing crash handling.
• KDE Gear 24.08.1: Akademy 2024 Videos are out, but a lot of efforts went into last month’s conference. Akonadi resolves a crash related to query cache eviction and fixes configuration file handling. Dolphin improves usability with fixes for button functionality and file list resizing, while Elisa enhances its Now Playing view and toolbar layout. Itinerary and Kalarm both receive updates for better dark mode handling and audio alarm functionality. Kdenlive addresses multiple timeline and rendering issues, optimized keyframe handling and fixes several bugs related to effects and transitions. Kate adds support for the Odin language in its formatter and Okular now sets tooltips for forms.

Key Package Updates

• git 2.46.1: A clarification has been made to git checkout --ours to inform users they need to specify paths, avoiding confusion. An issue with git add -p failing for users with diff.suppressBlankEmpty was corrected. Additionally, git notes add -m '' --allow-empty no longer improperly invokes an editor, and unnecessary re-encoding operations for tracing have been removed.
• qemu 9.1.0: The update introduces new migration capabilities, such as compression offload support via Intel In-Memory Analytics Accelerator (IAA) or User Space Accelerator Development Kit (UADK) and improved postcopy failure recovery. RISC-V architecture also sees support for several extensions, while x86 adds KVM support for AMD SEV-SNP guests and emulation for newer Intel CPU models like Ice Llake and Sapphire Rapids.
• systemd 256.6: This version no longer attempts to restart udev socket units, addressing issue bsc#1228809 where safely restarting socket-activated services and their socket units simultaneously was problematic.
• pipewire 1.2.4: The update addresses a crash during the cleanup of globals and enhances the RequestProcess dispatch mechanism. The Simple Plugin API framework now uses systemd-logind to detect new devices. Pulse-Code Modulation device handling is also improved.
• GStreamer 1.24.8: The multimedia framework package improves handling in decodebin3 and encodebin for better media decoding and smart rendering, respectively. Enhancements for proper viewport resizing when video size changes were made and audio stream enhancements were made for better compatibility with Firefox. There were some stability fixes for wayland including crash prevention and Application Binary Interface corrections.
• Mesa 24.1.7: This release continues to support OpenGL 4.6 and Vulkan 1.3, though the version reported depends on the specific driver used. Key bug fixes include resolving issues with smartcard logins, race conditions when generating enums, and artifacts in games such as Black Myth Wukong and DCS World with certain GPUs.
• GTK4 4.16.1: This GTK Scene Graph Kit layer sees speed optimizations for Vulkan operations, reduces startup time by skipping unnecessary GL and Vulkan initialization and fixes a crash related to certain Vulkan drivers. Memory format conversions in GIMP Drawing Kit are now faster. The builder-tool has also been improved for better box conversion.
• bash 5.2.37: This update has key patches to address issues such as an incorrect handling of quoted text during auto-completion and multibyte character handling in readline. The update resolves system compatibility with select and pselect availability and fixes a parsing issue in compound assignments during alias expansion. A typo in the autoconf test affecting strtold availability when compiled with GNU Compiler Collection 14 was corrected.
• vim 9.1.0718: One notable fix in the text editor resolves issues with personal Vim runtime directory recognition. The update also addresses unnecessary NULL checks in parse_command_modifiers() and corrects color name parsing errors introduced in a previous version. Other improvements include updates to syntax highlighting for various file types such as HCL, Terraform, and tmux. Performance improvements were also made to include the more efficient inserting with a count and resolving cursor position crashes.

Bug Fixes

• curl 8.10.0:
  • CVE-2024-8096 may have incorrectly validated certificates using Online Certificate Status Protocol stapling, ignoring certain errors like ‘unauthorized’.
• OpenSSL:
  • CVE-2024-41996 was fixed, which could have allowed remote attackers to trigger costly server-side DHE calculations via public key order validation in Diffie-Hellman.
• postgresql17
  • CVE-2024-7348 fixes a race condition that could allow attackers to execute arbitrary SQL as the user running pg_dump.
• python311: This package fixed a few CVE’s. Here are a couple of fixes
  • CVE-2024-4030 had a fix to ensure Unix “700” permissions are applied to secure the directory.
• tiff 4.7.0:
  • CVE-2023-52356 had a segmentation fault allowing remote attackers to trigger a heap-buffer overflow that could cause a denial of service.
  • CVE-2024-7006 had a null pointer dereference in that could trigger application crashes and cause denial of service.
• LibreOffice 24.8.1.2
  • CVE-2024-5261 was fixed that disabled TLS certificate verification, allowing improper certificate validation during document processing in third-party components.
• Mozilla Firefox 130.0.1:
  • This release fixes several CVEs. One of the most critical fixes involves CVE-2024-8385, where a WASM type confusion issue could lead to exploitable vulnerabilities. Another significant fix is for CVE-2024-8381, which could trigger a type confusion vulnerability when looking up property names within a “with” block. CVE-2024-8388 fixed an issue where fullscreen notifications could be hidden on Android devices, potentially leading to UI spoofing attacks. Two memory safety bugs, CVE-2024-8387 and CVE-2024-8389, were also patched.
• apr 1.7.5:
  • CVE-2023-49582 had shared memory permissions that could expose sensitive data to local users.

Conclusion

September 2024 brings important updates for Tumbleweed users. Security fixes across packages like PostgreSQL, libtiff, and LibreOffice ensure stability and security. Significant improvements were made in tools like systemd, git, and qemu, enhancing performance and compatibility. Noteworthy updates in PostgreSQL 17 and Harfbuzz 10 also bring major enhancements, contributing to a more robust and refined rolling release environment.

Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Contributing to openSUSE Tumbleweed

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.