Language Selection

English French German Italian Portuguese Spanish

Tumbleweed Rolls with Package Updates of Git, Virtualbox, OpenSSH

Filed under
SUSE

openSUSE’s rolling release Tumbleweed had a total of five snapshots this week and is preparing for an update to the KDE Plasma 5.14.4 packages in forthcoming snapshots.

The five Tumbleweed snapshots this week brought the 5.19.5 Linux Kernel, which was the only package updated in the 20181130 snapshot. The kernel-source 4.19.5 package added a force option for the pciserial device for x86 architecture and fixed HiperSockets sniffer for s390 architecture.

The most recently released snapshot, 20181204, had more than a dozen packages updated. GNOME’s application for manage their Flickr image hosting accounts, frogr 1.5, fixed issues with the content and installation of the AppData file and moved the functionality menu. GNOME’s goffice had a version bump to 0.10.44. Various rubygem packages were updated and the most significant change was of the packages was that rubygem-pry 0.12.2 dropped support for Rubinius. Both python-boto3 1.9.57 and python-botocore 1.12.57 had multiple application programming interface (API) changes. The obs-service-set_version 0.5.11 package needed “python suff” and now allow running tests with python3.

The first snapshot to arrive in December was snapshot 20181203. Among the package changes were an update to checkmedia 4.1, which fixed digest calculation in tagmedia, GNOME’s framework for media discovery grilo 0.3.7, and distributed compiler icecream 1.2, which made load calculations better and also cleaned up the general code. A python-docutils build dependency was added with cifs-utils 6.8 and elfutils 0.175 fixed three Common Vulnerabilities and Exposures issues. Major changes came with the man 2.8.4 package. One of the changes relies on decompressors reading from their standard input rather than redundantly passing them the input file on their command line; this works better with downstream AppArmor confinement of decompressors. Virtualbox 5.2.22 fixed a regression in the Core Audio backend causing a hang when returning from host sleep when processing input buffers and webkit2gtk3 2.22.4 fixed serval crashes and rendering issues and Fix a crash when using graphics library Cairo versions between 1.15 and 1.16.0.

Read more

"Five openSUSE Tumbleweed Snapshots"

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

Get started with Roland, a random selection tool for the command line

There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way. Here's the seventh of my picks for 19 new (or new-to-you) open source tools to help you be more productive in 2019. Read more

Nginx vs Apache: Which Serves You Best in 2019?

For two decades Apache held sway over the web server market which is shrinking by the day. Not only has Nginx caught up with the oldest kid on the block, but it is currently the toast of many high traffic websites. Apache users might disagree here. That is why one should not jump to conclusions about which web server is better. The truth is that both form the core of complete web stacks (LAMP and LEMP), and the final choice boils down to individual needs. For instance, people running Drupal websites often call on Apache, whereas WordPress users seem to favor Nginx as much if not more. Accordingly, our goal is to help you understand your own requirements better rather than providing a one-size recommendation. Having said that, the following comparison between the two gives an accurate picture. Read more

Security: Updates, 'Smart' Things, Android Proprietary Software and Firefox Woes on Windows

  • Security updates for Friday
  • How Do You Handle Security in Your Smart Devices?
    Look around your daily life and that of your friends and family, and you’ll see that smart devices are beginning to take over our lives. But this also means an increase in a need for security, though not everyone realizes it, as discussed in a recent article on our IoT-related site. Are you aware of the need for security even when it’s IoT-related? How do you handle security in your smart devices?
  • A Vulnerability in ES File Explorer Exposes All of Your Files to Anyone on the Same Network
  • 2018 Roundup: Q1
    One of our major pain points over the years of dealing with injected DLLs has been that the vendor of the DLL is not always apparent to us. In general, our crash reports and telemetry pings only include the leaf name of the various DLLs on a user’s system. This is intentional on our part: we want to preserve user privacy. On the other hand, this severely limits our ability to determine which party is responsible for a particular DLL. One avenue for obtaining this information is to look at any digital signature that is embedded in the DLL. By examining the certificate that was used to sign the binary, we can extract the organization of the cert’s owner and include that with our crash reports and telemetry. In bug 1430857 I wrote a bunch of code that enables us to extract that information from signed binaries using the Windows Authenticode APIs. Originally, in that bug, all of that signature extraction work happened from within the browser itself, while it was running: It would gather the cert information on a background thread while the browser was running, and include those annotations in a subsequent crash dump, should such a thing occur.