Language Selection

English French German Italian Portuguese Spanish

Mesa, VirtualBox, Ceph, NetworkManager Packages Update in Tumbleweed

Filed under
SUSE

Three openSUSE Tumbleweed snapshots have been released in the first four days of June, which bring several minor package updates to the rolling release.

The 20190604 snapshot brought babl 0.1.64, which provided some code consistency, gitlab Continuous Integration (CI), autotools and meson build improvements. An accident in naming caused the 0.3.2 version of bubblewrap to become version 0.3.3. However, bubblewrap 0.3.3. did address a Common Vulnerabilities and Exposures (CVE), provided a few smaller fixes and added the JSON Application Programming Interface (API) that allows reading the inner process exit code. GNU Compiler Collection 8 had some updates that included a couple patches with one that makes builds without profiling reproducible. Generic Graphics Library gegl 0.4.16 also added gitlab CI and uses a custom allocator for tile data, which aligns data and groups allocations in blocks; this was achieved on Linux by using the GNU extension malloc_trim to permit forcing invocation of the glibc malloc/free allocators garbage collection function. Oracle’ virtualbox 6.0.8 had a minor maintenance release that fixed a crash when powering off a Virtual Machine without a graphics controller and xorg-x11-server 1.20.5 fixed some input. The snapshot is currently trending at a 96 rating, according to the snapshot reviewer.

Snapshot 20190603 updated Mesa and Mesa-drivers to version 19.0.5 and took care of some core code and drivers. NetworkManager 1.16.2 fixed some wrong permissions of the /var/lib/NetworkManager/secret_key file. Ceph’s minor version update disabled Link Time Optimisation in spec when being used. GNOME 3.32.2 had several package updates and fixes including the fix of a regression that caused the fonts category to go missing. Tumbleweed skipped over the 1.3.0 series of Flatpak directly to version 1.4.0. The major changes since 1.2.4 is the improved I/O use for system-installed applications, and the new format for pre-configured remotes. Glib2 2.60.3 updated translations and provided various fixes to small key/value support in GHashTable. Scripting language php7 7.3.6 added a missing curl_version and fixed several other bugs. The snapshot is currently trending at a 95 rating, according to the snapshot reviewer.

Read more

More in Tux Machines

today's leftovers

  • Warfork Letting Warsow Live On Under Steam

    Going back a decade one of the interesting open-source FPS games of its time was Warsow. Development on Warsow has seemingly been tremulous over the past few years (edit: though the core developer has recently released a new beta) for this Qfusion (Quake 2 code base) engine powered game that started in 2005, but now there is Warfork as a fork of Warsow that is being developed and also available via Steam.  Hitting Steam this past week was the release of Warfork for Windows, macOS, and Linux. The game is free to play and with it going up on Steam will hopefully attract new gamers to this shooter title who may not be otherwise following the open-source scene. 

  • KDE sprints in summer heat

    It was great to see many new faces at the Plasma sprint. Most of these new contributors were working on the Plasma and KDE Apps Ui and Ux and we definitely need some new blood in these areas. KDE's Visual Design Group, the VDG, thinned out over the last two years because some leading figures left. But now seeing new talented and motivated people joining as designers and Ux experts I am optimistic that there will be a revival of the golden time of the VDG that brought us Breeze and Plasma 5. In regards to technical topics there is always a wide field of different challenges and technologies to combine at a Plasma sprint. From my side I wanted to discuss current topics in KWin but of course not everyone at the sprint is directly working on KWin and some topics require deeper technical knowledge about it. Still there were some fruitful discussions, of course in particular with David, who was the second KWin core contributor present besides me. As a direct product of the sprint my work on dma-buf support in KWin and KWayland can be counted. I started work on that at the sprint mostly because it was a feature requested already for quite a long time by Plasma Mobile developers who need it on some of their devices to get them to work. But this should in general improve in our Wayland session the performance and energy consumption on many devices. Like always such larger features need time so I was not able to finish them at the sprint. But last week I landed them.

  • My Free Software Activities in July 2019

    Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

Proprietary Traps and Failures

  • U.S. Customs System Back Online ... After Massive Failure
                       
                         

    It appears the entire computer system for the U.S. Customs and Border Protection has failed.  

  •                  
  • Arkansas School Safety Efforts Aided by Mobile App [iophk: fraud, waste, abuse]
                       
                         

    Geofencing is the use of GPS or radio-frequency identification technology to create a virtual geographic boundary, enabling software to trigger a response when a mobile device enters or leaves a particular area or, in the case of the Rave Panic Button app, to pinpoint a caller's exact location through a virtual map of the campus.  

                         

    "When there is an incident on campus and (the authorized user) activates one of the five panic buttons," French said, "it immediately sends a text, email, and an in-app notification providing situational awareness to all the other staff members on campus. It then provides a direct dial into the 911 dispatch center."

  • Skype Snap Gets First Update in 6 Months, Plus a New Icon

    The popular VoIP sat unloved, with no stable updates, for six whole months. Fast forward a few weeks from calling them out and I’m pleased to report that whatever blockage was lodged in the build machine pipe-work has been well and truly flushed out. Not only is the Skype Snap app once again up to date on the Snapcraft store — hurrah! — but some freshly prepared ‘insider’ builds are available for the more adventurous to play with — double hurrah!

today's howtos and programming bits

Security: Open Source Security Podcast, Screwed Drivers, and Voting Machines

  • Open Source Security Podcast: Episode 157 - Backdoors and snake oil in our cryptography

    Josh and Kurt talk about snakeoil cryptography at Black Hat and the new backdoored cryptography fight. Both of these problems will be with us for a very long time. These are fights worth fighting because it's the right thing to do.

  • Screwed Drivers – Signed, Sealed, Delivered

    Our analysis found that the problem of insecure drivers is widespread, affecting more than 40 drivers from at least 20 different vendors – including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei. However, the widespread nature of these vulnerabilities highlights a more fundamental issue – all the vulnerable drivers we discovered have been certified by Microsoft. Since the presence of a vulnerable driver on a device can provide a user (or attacker) with improperly elevated privileges, we have engaged Microsoft to support solutions to better protect against this class of vulnerabilities, such as blacklisting known bad drivers.

  • Most states still aren’t set to audit paper ballots in 2020

    Despite some progress on voting security since 2016, most states in the US aren’t set to require an audit of paper ballots in the November 2020 election, according to a new report out this week from the Brennan Center for Justice.

    The report notes that experts and government officials have spent years recommending states adopt verifiable paper ballots for elections, but a handful still use electronic methods potentially vulnerable to cyberattacks. In 2016, 14 states used paperless machines, although the number today is 11, and the report estimates that no more than eight will use them in the 2020 election.