MariaDB, VLC, Plopper, Apache Packages Update in Tumbleweed
29. Aug 2019 | Douglas DeMaio | No License
There have been three openSUSE Tumbleweed snapshots released this week.
The snapshots brought new versions of VLC, Apache, Plopper and an update of the Linux Kernel.
Snapshot 20190824 delivered a fix that was made to the swirl option, which produced an unexpected result, with the update of ImageMagick’s 126.96.36.199 version. Improved adaptive streaming and a fix for stuttering for low framerate videos became available in VLC 3.0.8; 13 issues, including 5 buffer overflows we fixed and 11 Common Vulnerabilities and Exposures were assigned and addressed in the media player version. More than a handful of CVEs were addressed with the apache2 2.4.41 update. One of the CVEs addressed was that of a malicious client that could perform a Denial of Services attack by flooding a connection with requests and basically never reading responses on the TCP connection. The new version also improves the balancer-manager protection against XSS/XSRF attacks from trusted users. The x86 emulation library fixed a compiler warning in the 2.4 version and the X11 RandR utility updated the geometry text file configure.ac for gitlab migration with the xrandr 1.5.1 version. The snapshot is trending at a rating of 86, according to the Tumbleweed snapshot reviewer.
The HP Linux Imaging and Printing package hplip 3.19.6 added support for several new color and enterprise printer, which was released in snapshot 20190823. The Linux Kernel was updated to version 5.2.9 and offered more than a handful of commits for the Direct Rendering Manager for AMD hardware and offered some memory leak bugs related to the Advanced Linux Sound Architecture. The utility library for rendering PDFs, poppler, also fixed some memory allocation in the PostScriptFunction with version 0.79.0; the version also fixed regressions on TextSelectionPainter. Minor updates were also made in the snapshot for xfce4-settings 4.14.1 and yast2-fonts 4.2.1, yast2-instserver 4.2.3 and yast2-support 4.2.2 all had changes related to a newer Ruby version. The snapshot is trending at a rating of 84, according to the Tumbleweed snapshot reviewer.
The first snapshot of the week, 20190822, updated five packages. MariaDB’s 10.3.17 package had the most changes in the snapshot and provided merge relevant storage engine changes from MySQL 5.7.27 as well as five CVE fixes. Small bug fixes and fuzzer fixes were made to libetonyek 0.1.9. GNOME’s photo manager shotwell 0.30.7 fix compatibility with programming language Vala 0.46. The other two package updates were libsrtp2 2.2.0 and rubygem-sassc 2.1.0. The snapshot recorded a rating of 78, according to the Tumbleweed snapshot reviewer.
Categories: Announcements Tumbleweed Weekly News
Tags: AMD Apache CVE DoS gitlab GNOME hplip imagemagick kernel Linux mariadb mysql openSUSE Tumbleweed pdf plopper storage engine vala VLC xrandr yast