Nano, VirtualBox update in Tumbleweed

A steady pace of openSUSE Tumbleweed snapshots arrived to users this week and there were tons of conversation on the openSUSE Factory mailing list regarding plans to advance the rolling release’s microarchitecture and discussions about the mitigation plan/call for help.

The changes to x86-64-v2 are expected to take place in the first quarter of the 2023 new year and forthcoming changes will be communicated on both the mailing list and blog.

A single package arrived in snapshot 20221128. The Skype plugin for chat client Pidgin, skype4pidgin, updated to version 1.7. The plugin fixed the loss of admin rights when joining a room, problems with file transfers through the client and issues where people were not appearing as being online.

An update of gawk 5.2.1 arrived in snapshot 20221127. The utility fixed issues with the debugger, dropped a few patches and addressed some subtle issues with untyped array elements being passed to functions. The general purpose cryptographic library package libgcrypt, which is based on code from GnuPG, updated to version 1.10.1 and fixed minor memory leaks. The package was updated to improve support for PowerPC architectures and it added the hardware optimizations configuration file hwf.deny to the /etc/gcrypt/ directory. There was also a git+ update of kdump, an update of heaptrack 1.4.0, iputils 20221126 and libeconf 0.4.9, which added new Application Programming Interface calls and fixed some compiling issues.

Snapshot 20221126 updated five packages. A memory leak and buffer overflow were fixed in the libpng16 1.6.39 update. Some code cleanup was made with the libstorage-ng 4.5.53 update and libzypp 17.31.6 avoids calling getsockopt when info is already known and the patch is expected to fix logging on Windows Subsystem for Linux. An upgrade of macros were made for both the coming Leap 15.5 and Fedora 37 in manpages-l10n 4.16.0. An update of python-setuptools 65.6.3 fixed logging errors and improved the reproducibility of clib builds by sorting the sources.

A major version update of text editor nano updated in snapshot 20221125. Nano 7.0 allows for unicode codes to be entered (via M-V) without leading zeroes and by finishing short codes. The new major version now allows string binds containing bindable function names between braces. The braced function names may be mixed with literal text. Nano was not the only text editor to update in the snapshot. An update of vim 9.0.0924 freed memory when executing mapclear, unmenu and delfunc at the more prompt. The package also fixed Amazon Web Services configuration files that were not recognized. An update of video media player VLC 3.0.18 fixed color regression and some rendering and performance issues with older GPUs. Several more packages were update in the snapshot including apparmor 3.1.2, image processing framework gegl 0.4.40, openvpn 2.5.8 and more.

The email announcement for snapshot 20221124 was not sent due to an error with the preparation of the changelog, but the snapshot did go out.

The 7.0.4 version update of virtualbox arrived in snapshot 20221123. The new major version had multiple Graphical User Interface changes to include fixing a regression in the new virtual machine wizard. Oracles’ VM package also added support for the Secure Boot feature. An update of sudo 1.9.12p1 fixed a Common Vulnerability and Exposure that had the potential out-of-bounds write for passwords smaller than eight characters when the password authentication is enabled. CVE-2022-43995 does not affect configurations that use other authentication methods like PAM, AIX authentication or BSD authentication. An update of mariadb 10.10.2 had InnoDB storage crash recovery fixes and improved optimization of joins with many tables, including eq_ref tables.