Tumbleweed Gets systemd-boot Support

This week openSUSE Tumbleweed snapshots continue to deliver software updates for users wanting to enhance their systems.

Updates in this week’s snapshots brought numerous changes, bug fixes and improved functionality.

With snapshot 20230926, the 2D graphics library cairo had its first stable release in five years with the 1.18.0 version update. The package includes support for Type 3 color fonts in PDF and has several optimizations including enhancing support for the Quartz surface and the removal of the XML surface. The snapshot also updates image editor ImageMagick; the 7.1.1.17 version modifies patches and introduces alternative configuration packages, eliminating a redundant dependency on p7zip. An update of libreoffice 7.6.1.2 resolves a crash issue when editing a date field, fixes animation effects for rectangles and fixes an accuracy problem with SUM() calculations. The new 4.4.0 version of transactional-update has a new setup-fips command and improved cleanup processes for snapshots created through various methods. Previously, only snapshots created by the transactional-update shell script were cleaned up. The update of yast2-bootloader 5.0.2 fixes issues in the testsuite for architectures other than x86_64 and introduces support for systemd-boot on x86_64, which can be enabled/disabled by the enable_systemd_boot flag in the product description file for each product. The update of yast2-installation 5.0.1 accommodates those changes in yast2-bootloader for systemd-boot experimental support. Several other packages were updated in the snapshot.

An update in snapshot 20230925 includes a package to make computer programs run faster; the highway 1.0.7 package introduces new features like LoadNOr, GatherIndexN, and ScatterIndexN. The new version also had fixes for WASM, GNU Compiler Collection 13, GCC 8.2, QEMU 7.2 and more. The GObject library interfacing with system block devices, udisks2, updates to version 2.10.0 and has improvements with changes to partitioning using libfdisk and has support for native NVMe devices. The package also enhances the handling of filesystems and adds new features like setting filesystem and partition UUIDs. The libHX 4.15 update introduces new functions for computing the Least Positive Residue and enhances the HX_strrtrim function to work with strings longer to improve its string manipulation capabilities. An update of the Library for manipulating block devices libblockdev had a major verison update to 3.0.2. The package improvements include using ntfsinfo for faster operations, brings extensive Application Programming Interface changes, removes certain plugins, and has new features like NVMe support. A few other packages updated in the snapshot.

An update of bind 9.18.19 arrived in snapshot 20230922. The update of this DNS protocol package fixes a few Common Vulnerabilities and Exposures. Both CVE-2023-3341 and CVE-2023-4236 were fixed and the latter could occurs when handling DNS-over-TLS queries are under heavy load. This could have caused internal data structures to be incorrectly reused and potentially has an impact on the stability and reliability of the DNS server. The update of gtk4 4.12.2 prevents tooltips from crossing native boundaries in GtkTooltip and improves gradient matching and rendering in GSK. An update of the HP Linux Imaging and Printing package, hplip moved to version 3.23.5 and now supports several new printers and models like the HP Smart Tank series. An update of xwayland 23.2.1 provides a more stable and functional experience while adding a check to verify the existence of a function call. An update of Xen 4.17.2 implements two security fixes. CVE-2023-34322 addresses a security concern where the top-level shadow reference for 64-bit PV guests was dropped prematurely when dealing with memory shortages and may have lead to privilege escalation, Denial of Service (DoS), and information leaks. CVE-2023-20588 was the other vulnerability. Several other packages updated in the snapshot including ncurses 6.4.20230909, nodejs20 20.7.0, python-Pillow 10.0.1 and more.

With snapshot 20230921, ethtool 6.5 adds a feature to check the register dump for a specific driver and fixes a few issues like some problems with certain settings and an empty slot search issue. The iproute2 6.5 package, when using the rdma command will report the device protocol, which can be handy. When using iplink, it doesn’t use all the options provided and can give an error message. The Linux Kernel updates in the snapshot as kernel-source 6.5.4 improves the handling Server Message Block 3 requests after reconnects, has driver fixes and enhancements related to clocks and drivers for various hardware components. The update of lvm2 2.03.22 fixes report field types for better data accuracy and enhancing Virtual Data Optimizer and ensures more efficient data management in Linux storage systems. The audio package pipewire updates to 0.3.80 and improves better synchronization of mixer I/O areas to prevent potential crashes. The update also has Advanced Linux Sound Architecture making smarter period-size selections for batch devices and provides enhancements in audio adapter tag and latency handling. PDF render poppler 23.09.0 improves digital signatures and now provides the key location for certificates to be signed.

Shortly after releasing last week’s review, snapshot 20230920 was released and it brought GNOME users a gift for the weekend. GNOME 45 brings several changes. A new activities button in the top bar has a dynamic workspace indicator, making it more user-friendly and replacing the old app menu. There is faster search performance across various apps and a new camera indicator in the top bar shows when the camera is in use. GNOME 45 introduces a new default image viewer that’s fast, clean and adaptive and the files app is now faster and more seamless with search. The GNOME Display Manager gdm 45.0.1 fixes a critical crash issue. Has numerous code cleanups and adds support for multi-seat configurations in Wayland. An update of Flatpak 1.15.4 was also in the snapshot. The package took care of two CVEs. CVE-2023-28101 has a fix for special characters that are now escaped when displaying permissions and metadata. This prevents malicious apps from manipulating the appearance of the permissions list using crafted metadata. With CVE-2023-28100, Flatpak app is run on a Linux virtual console and ioctl is no longer allowed. This security enhancement protects against potential vulnerabilities when using virtual consoles. There were several other packages updating in the snapshot, but the major version of postgresql 16 optimizes aggregate functions, and enhances sorting that leads to faster queries. The bulk loading performance saw up to a 300 percent improvement, according to its release announcement. The other major version in the snapshot was gedit 46.1, which resolved a build issue, updated its Flatpak and did some code refactorings to improve organization.